Surge in vaccine-related phishing attacks as rollout picks up momentum
Hackers are taking advantage of the heightened focus on the COVID-19 vaccine and are increasingly using vaccine-related emails in their targeted spear-phishing attacks, according to new data from cloud-enabled security solutions provider Barracuda Networks.
The findings, which were contained in Barracuda's most recent Threat Spotlight, analysed phishing emails between October 2020 and January 2021. Interestingly, the number of vaccine-related spear-phishing attacks increased by 12% immediately following vaccine availability announcements from Pfizer and Moderna in November 2020. However, by the end of January 2021, following the continued successful rollout of the vaccine, the average number of vaccine-related spear-phishing attacks was up 26% since October.
In the time frame analysed, Barracuda observed spikes in vaccine-related phishing activity centred around new updates, announcements and ground-breaking approvals from around the world.
Researchers concluded that this is due to mass phishing campaigns centred around spiking public interest towards the vaccine, in an effort from the perpetrators to improve the effectiveness of their phishing attack campaigns.
Barracuda researchers identified two predominant types of spear-phishing attacks using vaccine-related themes: brand impersonation and business email compromise.
The former is an email attack form which is used to impersonate a well known brand or organisation and includes a link to a phishing website advertising early access to vaccines, offering vaccinations in exchange for a payment, or even impersonating health care professionals requesting personal information to check eligibility for a vaccine.
Business Email Compromise (BEC) attacks are instead used to impersonate individuals within an organisation or their business partners. Barracuda observed that recently these highly targeted attacks turned to vaccine-related topics. Common examples include impersonating employees needing an urgent favour while they are getting a vaccine or an HR specialist advising that the organisation has secured vaccines for their employees.
"Combatting this growing threat first requires individuals and employees to be sceptical of all vaccine-related emails, especially those offering early access to the vaccine, to join a waiting list, or have the vaccine shipped directly to you – as a precaution you should never click on links or open attachments in these emails," says Fleming Shi, chief technology officer for Barracuda Networks.
"Scammers are also adapting email tactics to bypass gateways and spam filters, so it's critical to have a purpose-built solution that uses machine learning to analyse normal communication patterns within your organisation, so that it can also spot anomalies that may indicate an attack, or if an internal email has been compromised," Shi says.
"Finally, establishing strong internal policies and training staffers on how to recognise and report all attacks, not just those pertaining to the vaccine, will be the most effective method to bolstering defences against the ever-evolving email attack threat facing you.