BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

Beware: COVID-19 Vaccine News May Lead to New Wave of Phishing

COVID-19 Vaccine Related Phishing and How You Can Protect Your Organization

As the COVID-19 pandemic continues to claim lives across the globe and infection rates continue to soar, scientists are continually looking for a solution to end the world’s suffering. In the past weeks, vaccine manufacturers, such as Moderna and Pfizer-BioNTech, have published encouraging results from the last stages of their vaccine trials, giving the world a glimpse of hope.

However, with all these vaccines that have been developed and those in their final stages, none has been officially released for mass consumption. As the population continues to get overwhelmed with pandemic fatigue and scientists get closer to developing a real vaccine, cybercriminals are now using the developed vaccines as a ploy in their extortion activities.

COVID 19 Vaccine

What are phishing emails?

Phishing is a form of social engineering often used by cybercriminals to trick their targets into providing them with their personal information and account data. Once this information is obtained, these malicious actors use the targets’ credentials or install malware into their systems to obtain data. Phishing is carried out via text messages, instant messages, social media messaging platforms, phone calls, or email. However, phishing emails are the most common. The recipient of the email is usually tricked into clicking on a malicious link, which may lead to the installation of malware that may obtain sensitive information or freeze the recipient’s system as a way to deny services as part of a cyberattack.

At the initial stages of the COVID-19 pandemic, these emails came in different forms with luring subject lines such as:

  • What to do if you have come into contact with someone with COVID-19.
  • Free COVID-19 testing emails.
  • Advice on what to do if you have violated COVID-19 health protocols.

The main aim of these emails was to exploit the anxiety surrounding the pandemic. With the vaccine in sight and the topic naturally arousing excitement and attention, these emails are now being tailored to announce the promise of COVID-19 vaccines.

How can you identify phishing emails? As an organization, you have probably already started seeing vaccine-themed phishing emails or may expect to start seeing these emails in the next few weeks. But how exactly do you distinguish these fake emails from verified ones to protect your employees and ultimately protect your organization’s systems?

Here are several tips to help you identify phishing emails:

  1. Legitimate companies don’t request sensitive information via email: The chances are that if you receive an email purporting to be from a legitimate institution that provides you with an attachment or link and asks you to provide sensitive data, it’s a scam. Most verified organizations don’t send emails asking for credit card information, account usernames and passwords.
  2. Legitimate companies don’t send unsolicited links or attachments: Unexpected emails that contain links and attachments reek of hackers. Authentic organizations don’t randomly send you emails with links or attachments; they usually direct you to their websites.
  3. Look out for spelling errors: The easiest way to recognize a phishing email is terrible grammar. Emails from a verified organization are usually well-written.
  4. Legitimate companies have domain emails: Don’t only check the name of the person sending you the email, also check the email address. Most companies use their domain email addresses when sending out emails. However, this is not a foolproof method of identifying phishing emails.

How can you protect your organization against phishing attacks?

To protect your organization from phishing attacks, you need to practice vigilance. Training your employees on what to look out for when it comes to distinguishing phishing emails goes a long way toward protecting your organization from malicious attacks.

The following pointers will help to mitigate risks for phishing attacks:

  • Use two-factor or multifactor authentication methods to add an extra verification layer when logging in to sensitive applications.
  • Integrate firewalls to establish a barrier between your internal network and incoming traffic from external sources to block malicious traffic.
  • Keep all your software and applications updated.
  • Install security software such as antivirus, antispyware and anti-malware programs to help detect and remove malicious programs.
  • Enable email filtering to filter out incoming emails for phishing content and automatically move them to a separate folder.

No matter how secure your company’s network is, it only takes one reckless employee to fall victim to a phishing attack and send your company’s data into the hands of cybercriminals. Your employees need to understand and be able to recognize phishing emails to protect your organization.

More Like This

What Are the Key Differences Between IT Services and Consulting?

What Are the Key Differences Between IT Services and Consulting? When business leaders create annual budgets, IT typically ranks among the top investments. More than $4 trillion was spent globally in 2019, and the average company funneled 8.2 percent of its total revenue into IT. The primary focus for too many companies was IT services, …

What Are the Key Differences Between IT Services and Consulting? Read More »

Read More

AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments

Original release date: January 8, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This Alert is a companion alert to AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations. AA20-352A …

AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments Read More »

Read More

Microsoft Makes Anti-Spam Changes

Microsoft Makes Anti-Spam Changes The year 2020 is not the only thing that is coming to an end. Microsoft is slowly rolling out changes meant to deter spam. This is causing some features to come to an end and changing the way a few Microsoft products, most notably email, is used. As a business owner, …

Microsoft Makes Anti-Spam Changes Read More »

Read More

AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

Original release date: December 17, 2020<br/><h3>Summary</h3><p class=”tip-intro” style=”font-size: 15px;”><em>This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&amp;CK®) version 8 framework. See the <a href=”https://attack.mitre.org/versions/v8/”>ATT&amp;CK for Enterprise version 8</a> for all referenced threat actor tactics and techniques.</em></p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical …

AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations Read More »

Read More

Top 15 Microsoft Teams Tips and Tricks

Top 15 Microsoft Teams Tips and Tricks Microsoft Teams is one of the most popular and influential digital team-building solutions available for startups and business teams of any size. Using Microsoft Teams as your company’s preferred collaboration tool provides access to myriad features, from private messaging and group chats to file and document-sharing. With a …

Top 15 Microsoft Teams Tips and Tricks Read More »

Read More

9 Meeting Tips for Using Microsoft Teams

9 Meeting Tips for Using Microsoft Teams Microsoft Teams is a simple, yet effective tool for hosting meetings. It has both audio and video capabilities as well as a chat feature. It can handle conference calls and one on one meetings, with members of your organization as well as guests. Plus, it has a convenient …

9 Meeting Tips for Using Microsoft Teams Read More »

Read More