You are here: Covid-19
Mimecast has warned of phishing campaigns by global cybercriminals aiming to leverage the hype around vaccine rollouts, to trick unsuspecting users into potentially risky behaviour. The email campaigns were detected by Mimecast researchers, and include seemingly legitimate communication from HR departments asking recipients to register for surveys, view supposed vaccination schedules, or log into fake landing pages using their actual login details.
"Any person that makes the mistake of clicking on the links in these emails or submitting their real login details to the false websites could not only compromise their own security, but potentially put their entire organisation at risk," says Brian Pinnock, cybersecurity expert at Mimecast. "This highlights the need for organisations to conduct regular cybersecurity awareness training to ensure every employee knows how to identify - and more importantly, avoid - risky behaviour. This should be built into any security team’s defence in depth strategy, which ensures cyberattacks don’t make their way into an organisation, by using multiple layers of security, including having a cyber aware workforce. With interest in vaccine-related information at an all-time high as countries roll out COVID-19 vaccines, cybercriminals are seeing a golden opportunity to subvert user behaviour in their attempts at compromising company networks, with monetary gain the most likely objective."
Mimecast has provided a list of tips to help keep employees safe from this type of email-based attack: