New data from Barracuda Networks has revealed that hackers are taking advantage of the heightened focus on the COVID-19 vaccine and are increasingly using vaccine-related emails in their targeted spear-phishing attacks.
The findings, which were contained in Barracuda’s most recent Threat Spotlight, analysed phishing emails between October 2020 and January 2021. Interestingly, the number of vaccine-related spear-phishing attacks increased by 12% immediately following vaccine availability announcements from Pfizer and Moderna in November 2020. However, by the end of January 2021, following the continued successful rollout of the vaccine, the average number of vaccine-related spear-phishing attacks was up 26% since October.
In the time frame analyzed, Barracuda observed spikes in vaccine-related phishing activity centered around new updates, announcements and ground-breaking approvals from around the world. Researchers concluded that this is due to mass phishing campaigns centered around spiking public interest towards the vaccine, in an effort from the perpetrators to improve the effectiveness of their phishing attack campaigns.
Barracuda researchers identified two predominant types of spear-phishing attacks using vaccine-related themes: brand impersonation and business email compromise.
The former is an email attack form which is used to impersonate a well known brand or organisation and includes a link to a phishing website advertising early access to vaccines, offering vaccinations in exchange for a payment, or even impersonating health care professionals requesting personal information to check eligibility for a vaccine.
Business Email Compromise (BEC) attacks are instead used to impersonate individuals within an organisation or their business partners. Barracuda observed that recently these highly targeted attacks turned to vaccine-related topics. Common examples include impersonating employees needing an urgent favour while they are getting a vaccine or an HR specialist advising that the organisation has secured vaccines for their employees.
Fleming Shi, CTO for Barracuda Networks, commented: “Combatting this growing threat first requires individuals and employees to be skeptical of all vaccine-related emails, especially those offering early access to the vaccine, to join a waiting list, or have the vaccine shipped directly to you – as a precaution you should never click on links or open attachments in these emails.
“Scammers are also adapting email tactics to bypass gateways and spam filters, so it’s critical to have a purpose-built solution that uses machine learning to analyze normal communication patterns within your organization, so that it can also spot anomalies that may indicate an attack, or if an internal email has been compromised.
“Finally, establishing strong internal policies and training staffers on how to recognize and report all attacks, not just those pertaining to the vaccine, will be the most effective method to bolstering defenses against the ever-evolving email attack threat facing you.”