If you work for a health organization particularly those involved with Covid-19 be on guard for phishing emails related to the Covid vaccine. Today, the Rhode Island Dept of Health warned its users about an attempted phish that impersonated one of their physicians. The scammers probably hoped to gain access to the network or email accounts and gain access to storage and distribution strategies.
Expect this to continue and to become more sophisticated and targeted. If you are working in this scenario you need to inoculate your users as ASAP. Here’s the link to story.
GoLocalProv | NEW: RI Dept. of Health Warns of Vaccine Phishing Scam
I received a low level Covid /WHO phish this morning that was old school and easily recognizable. It improvised the typical Nigerian 419 scam. Had all the red flags including: email address not from WHO. Offered to load a million dollars into an ATM near me. Everyone knows you can make unlimited withdrawals from ATMs . The most sophisticated part about it was the Google drive link. This one bypassed Outlook 365 filters.
IBMx X Force recently identified a campaign targeting the cold supply chain. We blogged about it.
Phishing Campaign Targets COVID Vaccine Cold Supply Chain (knowbe4.com)