The Covid-19 pandemic has not just shaken the world but has also wreaked havoc in the cyber-world. The quarantine laws and social distancing enforcements that followed forced everyone to retreat to online spaces for their everyday work and interactions. This huge migration led to a surge in ransomware and hacking attacks all over the world, an unfortunate by-product of the coronavirus plague.
Now, after months of successful vaccine trials from around the world, we’re finally seeing what looks like the sunshine at the end of a dark and gloomy tunne. However, the same could not be said about cyberspace, as the online threat only serves to grow now that the Covid vaccines are here.
How Have Covid Vaccines Led to More Cyber Attacks?
The coronavirus has taken an unprecedented number of lives in the previous year and is highly contagious in nature. It has caused insurmountable levels of grief, fear and paranoia in the public, and malicious threat actors online aim to take advantage of that. People want to be vaccinated and want to make sure that their families and themselves can be protected from this deadly virus.
Consequently, they are now much more prone to phishing attacks than ever before. These orchestrated attacks employ complex social engineering tactics to breach millions of systems, data records and credentials. Ever since the first person was administered a vaccine for the Covid-19 virus, Webroot, a 363% surge in the number of phishing domains has been detected.
What to Expect in the Near Future
The scam that’s circulating websites and emails is offers of receiving the vaccination, either on a free trial or a paid procedure. These phishing attacks aim to deceive users as official websites of Covid-19 vaccine distributors. They then demand precious personal information such as email addresses, phone numbers, names, bank account details, and home addresses in order to ‘verify’ the authenticity of the user.
According to reports, more than 4500 domains that are using the same or similar scams on people during these troubling times. And 934 of these domain names used the word ‘vaccine’ to trick people into believing these sites and trusting their claims. Even phishing attacks that normally wouldn’t succeed are becoming incredibly effective in fooling users by capitalizing on their willingness to take such risks as long as they had a chance at getting the vaccine.
The social engineering used by the cyber-criminals in these attacks pairs up strategically well with the conditions of remote work. Personal computers and devices used by employees to access company resources and systems are a lot more prone to attacks and therefore pave the way for threat actors to infiltrate the systems.
“As 2021 brings the first mass vaccination programs to fight COVID-19, we’re already seeing cybercriminals exploiting the publicity and anticipation surrounding these to target businesses and consumers in phishing and domain spoofing attacks,” Nick Emanuel, a cybersecurity analyst, said.