Exclusive: 336% increase in phishing domains found since first UK/global Pfizer vaccine dose
January 2021 by Webroot
Following the news that there has been an increase in COVID-19 vaccine scam messages, Webroot has released new statistics demonstrating how far cybercriminals are prepared to leverage the pandemic to their advantage.
In the month after the first UK/global Pfizer vaccine dose was given to 90-year-old Margaret Keenan, Webroot’s Real-Time Anti-Phishing protection system found a rise in malicious URLs and terms used to target vulnerable people, with subjects like the vaccine, COVID Cures and travel used to compel them to click on malicious links and open illegitimate emails. This includes:
Over 4,500 new suspicious domains found, which contained a combination of words relating to ‘COVID-19,’ ‘Corona,’ ‘Vaccine,’ ‘Cure COVID’ and more
934 domains specifically included the word ‘Vaccine’ within the title
611 domains contained a misspelling of the word ‘Vaccine’
2,295 contained ‘COVID’ in the title
622 domains contained the words ‘Test’ or ‘Testing’ in their title
Domain titles were extremely concerning, including titles such as: ‘COVID Validator,’ ‘Testing Update,’ ‘COVID Travelcard,’ ‘Private Vaccine,’ among others.
The total use of the word ‘vaccine’ found within suspicious domain names between the 8th December and 6th January was cited as a 336% increase when compared with the month of March 2020. Webroot also observed that there was a 94.8% increase during the 8th December to 6th January time period, when compared with the previous 30 days leading up to this first date. Nick Emanuel, Senior Director of Product at Webroot, has provided his thoughts on these findings below:
“As 2021 brings the first mass vaccination programs to fight COVID-19, we’re already seeing cybercriminals exploiting the publicity and anticipation surrounding these to target businesses and consumers in phishing and domain spoofing attacks.
Scams using keywords based on emotive subjects concerning medical safety and the pandemic are always going to be more effective, especially when they’re in the public interest.
Remote work has forced many employees to use personal devices for business-related activities, which presents unique security concerns. With a higher prevalence of malware and generally fewer security defences in place, it’s easier for malware to slip into the corporate network via an employee’s personal device. For businesses, better security systems and training are key for protection, along with backing up data.
For individuals, defending against these kinds of attacks should involve security awareness training and remaining vigilant in scrutinising the types of emails they receive. This should also be underpinned by cybersecurity technology such as email filtering, anti-virus protection, and strong password policies.”