Our Approach
Your Ultimate Guide to Human Layer Security
Find out why we created this new category nearly two years ago.
Solutions By Use-Case and Industry
CEO’s Guide to Data Protection and Compliance
Everything you need to know about compliance.
Human Layer Security Platform
Human Layer Security Platform Overview
Stops data breaches and security threats caused by employees on email.
Hear what they have to say
Building a Human Layer Security Culture at ARM
Focusing on Security Basics with Game Changing Technology.
Resource Categories
Spear Phishing Threat Landscape 2021
Based on the analysis of 2 million malicious emails, we outline the tactics bad actors are leveraging in spear phishing attacks, and how to defend against them.
Blog Categories
Read 5 Cyber Risks in Manufacturing Supply Chains
You're only as strong as your weakest link.
Securing the human layer
See All Open Roles
Find the fit for you.

Step Into The Future of Cybersecurity — Save your spot at the Human Layer Security Summit for free.

Request a Demo
Request a Demo of Tessian Today.
Automatically stop data breaches and security threats caused by employees on email. Powered by machine learning, Tessian detects anomalies in real-time, integrating seamlessly with your email environment within minutes and starting protection in a day. Provides you with unparalleled visibility into human security risks to remediate threats and ensure compliance.
Spear Phishing

How Hackers Are Exploiting The COVID-19 Vaccine Rollout

  • By Laura Brooks
  • 16 February 2021

Tessian’s mission is to secure the human layer by empowering people to do their best work, without security getting in their way.

Where there is uncertainty, there are cybercriminals. And the uncertainty surrounding the roll-out of the Covid-19 vaccine is creating the perfect environment for cybercriminals and their phishing scams.

According to new Tessian research:

  • 2,697 new website domains, related to the Covid-19 vaccine, were registered between 5 December 2020 and 10 January 2021. Many of these domains impersonate legitimate healthcare websites, tout misinformation around injection side effects, and falsely claim to offer guidance around timing and logistics of distribution to dupe people.
  • Some of the newly registered domains were confirmed as malicious. Tessian researchers found specific examples of domains that impersonate a legitimate O365 login in page and Apple ID login page. These pages have been designed to steal people’s account credentials.
  • 22% of the live domains take advantage of a technique called “typo-squatting” – a technique where one or two letters of a word are changed, in the hope that people make mistakes when typing the website into the URL bar or just simply miss the typo when landing on the page. One example of this is covidvaccime.com

Why do newly registered domains pose a threat?

The NHS recently issued a warning about scam emails that invite people to click on fake invitations to “register” for the vaccine. However, no registration is actually required for the real vaccine. The fake website, the BBC reports, also asks people for their bank details either to verify identification or to make a payment.

Often, scammers will register new domains to lure people to a page after they’ve clicked a link in a phishing email. Tessian researchers found that many of the vaccine-related websites contain online forms designed to harvest financial or healthcare information and, in some cases, steal people’s account credentials. For example, some of the confirmed-malicious websites impersonate an Office 365 or Apple ID page and prompt people to log-in and share their username and password.

People urgently want to find out things such as when they will get the vaccine, where can receive the jab, and many more want to research and understand potential side effects. As we’ve seen throughout the pandemic, cybercriminals are capitalizing on people’s desire for more information and are finding ways to trick people into clicking on links to fake websites or enter their valuable details.

An example of O365 impersonation on vaccine-related domain

Who is most at risk from the vaccine scams?

Anyone who is eligible for the vaccine, and anyone who is looking for information about the vaccine roll-out, should be wary about the websites they land on.

For example, concerns have been raised over U.S. health officials’ use of ticketing website Eventbrite to schedule vaccination appointments. Health departments have warned citizens of scams whereby fraudulent Eventbrite websites have been created, while The Tampa Bay Times reported that people had been charged money for vaccination slots that turned out to be fake.

One of the main concerns surrounding vaccine scams is how hackers will target older generations – those at the top of the list for the vaccine. A Tessian report published in 2020 – The Psychology of Human Error – found that people over 55 years old were the least likely to know what a phishing email was. Awareness is crucial; people must think twice before responding to these messages and be sceptical of emails or websites requesting payment or personal information at this time.

“Vaccines are the new “hot thing” for cybercriminals to use to trick people. Uncertainty over the vaccine roll-out and people's desire for information about how to get it has created the perfect storm for convincing phishing scams. ”
Tim Sadler CEO and co-founder of Tessian

Vaccine scams: what to look out for

Be wary of emails purporting to come from healthcare organizations asking you to click on links to ‘find out more’. Always check the sender name and address, particularly if you have received an email on your phone in order to verify the sender’s identity.

It’s also important to questions any websites that request personal data. Domains that spoof government healthcare websites, like the Centers for Disease Control and Prevention (CDC) are especially dangerous, as bad actors could potentially steal extremely sensitive information such as Social Security numbers and health information like insurance or medical history details.

At a time when phishing scams are rife, always think twice before entering your personal information online and remember, if it doesn’t look right, it probably isn’t.

Laura Brooks PR Director
Related posts
Follow Tessian
Copyright © Tessian Limited. All Rights Reserved. Company registered number 08358482.