Online scammers are now using the Covid-19 vaccination process to dupe unsuspecting victims and gaining access to their financial and personal data.
A survey conducted by Kaspersky, a global cybersecurity and digital privacy company, dubbed “Spam and Phishing in Q1 2021” showed that online fraudsters have devised several ways of making money in the pandemic period. Key among them is use of spam letters and phishing pages to extract information from their targets.
Through spam letters, recipients are invited to get a vaccine, but before that, they have to take part in a survey, or to diagnose Covid-19. For instance, some users from the UK received an email that appeared to come from the country’s National Health Service. The recipient was invited to be vaccinated, having first confirmed their desire to be vaccinated by following the link.
One then needed to make an appointment by filling in a form with their personal data, including bank card details. As a result, they handed their financial and personal data to the attackers.
Another common way the fraudsters are gaining access to users’ personal data has been through fake vaccination surveys. Big pharmaceutical companies producing Covid-19 vaccines have also been misused by the conmen who send emails on their behalf to thousands of recipients inviting them to take part in some short surveys regarding the vaccines being produced.
To make the survey more enticing, all participants are promised a gift should they complete the survey which has a few questions. Upon completion, the victims are redirected to a page with the “gift”.
“To receive the prize, users were asked to fill out a detailed form with personal information. In some cases, the attackers asked for payment of a token amount, for delivery,” the Kaspersky report stated.
So dire was the situation in America that the Federal Trade Commission (FTC) issued a warning on March 24, cautioning its citizens from responding to the increasing spam emails and texts asking them to complete a limited-time survey about Pfizer, Moderna or AstraZeneca vaccines.
“If you get an email or text like this, Stop. It is a scam. No legitimate surveys ask for your credit card or bank account number to pay for a free reward,” FTC warned.
This was just two months after a man was arrested in Washington State for advertising fake Covid-19 vaccines online. He would sell them for as much as 1,000 US dollars and even injected people with an unknown substance, said the Department of Justice, which was investigating the matter.
Among the key targeted individuals of the scammers are people in dire need of the vaccination but they still have no means of accessing it. A Forbes.com report in January showed how a Tennessee woman was conned by an unknown caller, who identified himself as “Advanced Medical Group”. The caller told her she was eligible for the Covid-19 vaccine but she first needed a Covid-19 test.
The victim told the caller that she could not drive to where he had told her she could get the vaccine and she also had no way of getting the test. The conman told her that as long as she was on Medicare, (an equivalent to NHIF in Kenya), all she needed to do was send him her Medicare number, name and address and he promised to visit her house to administer the test and vaccine. That was the last time she heard from him. He vanished with all her credentials.
Kaspersky also found spam letters offering services on behalf of Chinese manufacturers. The emails offered products to diagnose and treat the virus, but the emphasis was on the sale of vaccination syringes.
Ms Tatyana Scherbakova, a leading security expert at Kaspersky said cybercriminals are still actively engaged in using the Covid-19 theme to entice and then con potential victims, and have devised a subtler and more appealing way to do so.
“As coronavirus vaccination programmes have been rolled out, spammers have adopted the process as bait. It is important to remember that though such offers may look very favourable, the likelihood of a successful deal is zero,” she said.
“The user can avoid losing data or, in some cases, money, if they remain vigilant to the supposed lucrative offers distributed online,” she added.
To avoid being a victim to the current wave of cyber-crime and duping, Kaspersky recommended that internet users be sceptical of any unusually generous offers and promotions. Should you find any message inviting you to a survey, the first step, the cyber security firm says, should be to verify that messages are coming from reliable sources.
One should also not to follow links from suspicious emails, instant messages or social network communication and also check the authenticity of websites they visit.
“People should also install a security solution with up-to-date databases that include knowledge of the latest phishing and spam resources,” Kaspersky concluded.