Suspicious Vaccine-Related Domains Triple

The number of suspicious domains that feature the word "vaccine" in their title increased by almost 100% in the month after the first Pfizer COVID-19 vaccine was given outside of a clinical trial.

British grandmother Margaret Keenan became the first person in the world to receive the vaccine on December 8, 2020, a week before her 91st birthday. 

New research by American cybersecurity software company Webroot observed that from December 8 through January 6, there was a 94.8% increase in suspicious domain names using "vaccine" compared with the previous 30 days.

When compared with the month of March 2020, the total use of the word "vaccine" within suspicious domain names between December and January 6 was found to have increased by 336%.

"As 2021 brings the first mass vaccination programs to fight COVID-19, we’re already seeing cybercriminals exploiting the publicity and anticipation surrounding these to target businesses and consumers in phishing and domain spoofing attacks," said Nick Emanuel, senior director of product at Webroot.

"Scams using keywords based on emotive subjects concerning medical safety and the pandemic are always going to be more effective, especially when they’re in the public interest."

Webroot’s Real-Time Anti-Phishing protection system detected a rise in malicious URLs using other words related to the pandemic.

Over 4,500 new suspicious domains were found, which contained a combination of words relating to "COVID-19," "Corona," "Vaccine," "Cure COVID," and others.

The word "vaccine" was specifically included in the title of 934 domains, while misspellings of "vaccine" cropped up in 611 more. 

"COVID" was in the title of 2,295 suspicious domains, and "Test" or "Testing" appeared in the title of 622 domains.

Threat actors also appeared to be using public interest in travel restrictions as a phishing lure. Among the suspicious domain titles flagged by researchers were "COVID Validator," "Testing Update," "COVID Travelcard," and "Private Vaccine."

"For individuals, defending against these kinds of attacks should involve security awareness training and remaining vigilant in scrutinising the types of emails they receive," said Emanuel. 

"This should also be underpinned by cybersecurity technology such as email filtering, anti-virus protection, and strong password policies."
