The race to develop a viable COVID-19 vaccine is creating opportunities for cyber attackers.
“Nation states or certain organizations are targeting vaccine researchers and overwhelmingly the vectors that we’re seeing are still email-based, so that that continues to be the biggest concern,” said Mark Ostrowski with Check Point Software.
The security company says coronavirus-related cyber attacks are down since the summer, but the number of malicious websites related to COVID-19 vaccines is up.
So-called “threat actors” are sending out vaccine-related email phishing campaigns. A recent one had the email subject: “Urgent information letter: COVID-19 new approved vaccines.”
“So, what I would really warn folks is that if you receive an email that contains a vaccine sort of sensational type of subject in the email itself, and then there’s an attachment, and the attachment is either an executable or office document, those are things that you want to watch out for,” said Ostrowski.
People who opened that document in the phishing email actually had a way to steal usernames and passwords.