Cyberattackers have launched large-scale campaigns in an attempt to profit from the vaccine rollout, according to a March 24 report from PaloAlto Unit42.
Here are six takeaways from the study:
- Phishing attacks relating to pharmacies and hospitals rose 189 percent from December to February.
- Vaccine-related phishing attacks rose by 530 percent during the same time frame.
- Microsoft was the brand most targeted by cyberattackers, who created fake Microsoft pages to steal credentials from employees. Twenty-three percent of COVID-19-themed phishing URLs were counterfeit Microsoft login pages.
- COVID-19-related phishing URLs begin to spike after Jan. 1 for topics like vaccines, drugs, pharmacies and hospitals.
- COVID-19-themed phishing attackers are constantly creating new websites to host their phishing campaigns. Nearly a quarter of all phishing pages were first observed fewer than 32 days ago, which allows attackers to craft their message to the latest pandemic trends.
- Researchers found evidence that fake websites claimed to represent Pfizer and BioNTech, the makers of one of the mRNA vaccines. Phishing pages asked users to log in with their Microsoft Office365 credentials to allegedly sign up for the vaccine.