Cyber fraudsters continue to find new ways to steal users' data. The promise of vaccines, an entirely new category of opportunities since last year, has become one of the most profitable methods for scammers. They have used COVID-19 related spam messages and phishing pages extensively for this. According to the new Kaspersky report, in the 2021st quarter of 1, spam and phishing scams focused on the vaccination process this time.
Kaspersky experts have discovered several types of phishing pages scattered around the world for this purpose. In addition to spam emails, recipients are invited to qualify for vaccination, take a survey or test for COVID-19. For example, some users in the UK are sent an email that appears to come from the country's National Health Service. After the recipient confirms his alleged vaccination request by following the link, he is invited to be vaccinated, but is asked to enter the user's personal data, including bank card information, in a form in order to make a vaccination appointment. As a result, victims hand over their financial and personal data to the attackers.
Another way to gain access to users' personal data is through fake vaccine surveys. Scammers send emails on behalf of the major pharmaceutical companies that produce COVID-19 vaccines inviting the recipient to take a short survey. All participants are promised a gift to participate in the survey. After answering the questions, the victim is directed to the page containing the so-called gift. To receive the award, users are asked to fill in a detailed form containing personal information. In some cases, the attackers are also requested money for the delivery of the prize.
Kaspersky experts have recently encountered spam letters offering services on behalf of Chinese manufacturers. Although it was claimed that products were offered to diagnose and treat the virus in e-mails, the real emphasis was on the promise of vaccine sales.
Tatyana Shcherbakova, Kaspersky Security Specialist, says: “We see that the trends in this area in 2021 and 2020 continue. Cybercriminals are actively using the COVID-19 theme to persuade potential victims. As coronavirus vaccination programs became widespread, spammers embraced this process as bait. While these types of offers may seem very tempting, it's important to be aware that they have nothing to offer you in the end. If the user is alert to the so-called lucrative offers distributed online, they can avoid losing data and in some cases even money. ” said.
To avoid being victims of fraud, Kaspersky offers users the following advice:
- Be skeptical of unusually generous offers and promotions.
- Verify that the messages are from trusted sources.
- Track links from suspicious emails, instant messages, or social networking communications.
- Check the authenticity of the websites you visit.
- Use a security solution with up-to-date databases of information about the latest phishing and spam sources.