Australia’s COVID vaccinations a shot in the arm for cybercrime

Amidst ongoing scam success, CSOs must double down on user training to combat the growing threat of “undertrained” users.

A hacker targets a sitting duck  >  easy target / easy pickings / victim targeting
Vasif Bagirov / Getty Images / Thinkstock

A flood of new phone- and SMS-based scam losses reported by Telstra—and an anticipated surge as Australia’s COVID-19 vaccine rollout finally gets under way—highlight just how much scam-hit remote workers continue to be a thorn in CSOs’ sides.

Now that the seasonal spike of Valentine’s Day romance scams has passed—and based on the experience of countries where COVID-19 vaccinations have already been rolled out—cybersecurity experts are urging Australian companies to brace themselves for a surge in vaccine-related scams as Australia begins administering the long-awaited Pfizer jabs on 22 February 2021.

A “significant number” of new Australian domain names—more than 5,000 in the last two months—have already been registered “with a specific focus on vaccination”, said Michael Connory, CEO with security consultancy Security in Depth.

“We’ve been able to track and see the crime gangs specifically target the UK, USA, Canada, and other countries with rollouts, so we know [an Australian upsurge] is definitely coming. The initial focus is to try and harvest as many credentials as you can possibly get by recreating government websites and government type messages,” he said, warning Australian businesses to expect a surge in scam emails promising information about how to get vaccinated, ways to get the more-broadly efficacious Pfizer vaccine instead of the locally manufactured Oxford-AstraZeneca alternative, and other hot-button issues.

As usual, cybercriminals will be dutifully harvesting personal details and taking payments for purported queue-jumping, as well as the inevitable array of SMS, phone, and other email scams. And despite the fact that people should know better by now, Connory fully expects many will continue to get taken in by the scams. “We’ve been watching this happen over and over again in different forms for the past decade,” he said. “After a while, you just become jaded and a little frustrated.”

To continue reading this article register now

Subscribe today! Get the best in cybersecurity, delivered to your inbox.