COVID-19 Test-Related Phishing Scams Jump 521% Into January
New data shows a massive increase between October 2021 and January 2022 in phishing attacks focusing on one of the world’s current concerns for home and in-office testing.
We’ve seen a recent alert from the U.S. Department of Health and Human Services’ Office of the Inspector General about scams focused on “offering COVID-19 tests, HHS grants, and Medicare prescription cards in exchange for personal details, including Medicare information.” So, it’s no surprise to see new data coming in from security vendor Barracuda highlighting a massive increase in the number of COVID-19-related scams.
According to Barracuda, a number of common themes are being seen:
- Sales of tests, masks, and gloves
- Fake notifications of unpaid test orders (providing a Paypal account to send payments)
- Impersonation of testing labs or providers
From what Barracuda is seeing, these attacks are focused on the usual bounty:
- Personal details
- Payment / Credit Card information
- Microsoft 365 credentials
Regardless of the ultimate goal, any of these scams are potentially dangerous; the recent availability of insurance paying for home test kits puts the testing for COVID-19 front and center in the minds of everyone.
But, at the end of the day, these scams still show the usual signs of being fraudulent: impersonated brands, poorly-written email content, and mismatched sender email addresses. Organizations concerned about such scams should consider Security Awareness Training to ensure users are continually vigilant against both the obvious and no-so-obvious COVID-19 scams.