Combating Tax, Vaccine-Related Phishing Emails
Channel Futures: What are these cyberattackers trying to accomplish with emails tied to vaccines?
Vade Secure’s Sebastien Goutal: One of the most common emails we are seeing is offering a free reward if they fill out a vaccine survey. The victim simply has to pay the “shipping fee” to get the reward. However, these rewards, ranging from 100% natural CBD oil to wireless earbuds, are never shipped.
The end goal of the attacker is a payday. They then get the money meant for shipping. And they often are able to collect information like their shipping address and name that can be sold to the highest bidder on the dark web.
CF: What should organizations and individuals be on the lookout for?
SG: Organizations and individuals should be on high alert at all times, but especially in these times where attackers have so much timely content to leverage, such as COVID-19 and tax season.
Some things to check for are if the email only contains an image that mimics the html content of the email or if they use homoglyphs/look-alike letters,” he said. “Both of these are tactics that bypass security and filtering technologies. And thus it is often on the end user to identify these as fraudulent. When receiving an email, individuals should also pause and think, if it looks too good to be true, it likely is. In the case of the vaccine and current threats, getting a $90 reward just for taking a quick online survey looks too good to be true, because it is.
