Hackers using COVID vaccine as a lure to spread malware

Cyber criminals are impersonating WHO, DHL, and vaccine manufacturers in phishing campaigns

Security researchers have exposed a new phishing campaign that uses COVID-19 vaccine news to spread malware, phishing, and Business Email Compromise attacks (BEC).

The attacks target individuals within businesses by impersonating organizations, including the WHO, DHL, and vaccine manufacturers. The themes leveraged a range of topics, including the fear that a person had encountered an infected individual; government vaccine approvals and economic recovery fueled by the vaccine; and sign-up forms to receive the vaccine, information updates, and vaccine shipment delivery.

According to a Proofpoint blog post, the BEC attack campaigns were far more targeted. They reportedly gave information on a bogus merger/acquisition and were sent directly to senior executives in the affected organizations.

Researchers first noted the attacks in early December 2019. These emails projected that COVID-19 vaccines would fuel the world's economic recovery. The email claimed to be from an executive asking the recipient for their cooperation in a foreign company’s confidential acquisition. It alleged that this is an opportune moment to acquire, as in the "midst of every crisis lies a great opportunity." 

This month, hackers sent hundreds of messages over four days that targeted dozens of industries in the US and Canada. The emails urged the potential victims to click a link to "confirm their email to receive the vaccine.” The goal of this phishing campaign was to steal Microsoft 365 login credentials. 

“This campaign was notable because it capitalized on the recent government approval of vaccines and the rush to receive it. Specifically, the email talks about "Government approval of the COVID-19 vaccine" and provides a link where one can supposedly register to receive it. At the time of this campaign, the vaccine in the United States was still available to first responders and doctors on the front lines,” said researchers.

On January 11, researchers observed another small (under 100 emails) BEC email campaign targeting various US industries. This email only briefly mentions the COVID-19 vaccine but adds urgency - a common BEC technique - to the follow-up request: "Please give me your personal number." 

“This attempt to increase the stress by giving the recipient less time to think about their response and allowing the attacker to pivot outside of a protected ecosystem,” said researchers.

Two other campaigns abused the World Health Organization logo and name to spread trojans and keyloggers and the DHL brand to steal email login credentials. Both used news on COVID-19 vaccines to lure victims into clicking on malicious links.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

New report highlights the need for diversity in cyber security recruitment
cyber security

New report highlights the need for diversity in cyber security recruitment

28 Apr 2021
TsuNAME vulnerability could enable DDoS attacks on major DNS servers
distributed denial of service (DDOS)

TsuNAME vulnerability could enable DDoS attacks on major DNS servers

7 May 2021
How COVID accelerated Kreston Reeves’ agile transformation
cloud computing

How COVID accelerated Kreston Reeves’ agile transformation

6 May 2021
Security researchers take control of a Tesla via drone
ethical hacking

Security researchers take control of a Tesla via drone

5 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021