Cybersecurity News in Asia

Features
- Featured
  
  How to talk to your board and C-suite about cyber-preparedness
  
  Thursday, June 1, 2023, 11:33 AM Asia/Singapore | Features, Newsletter, Tips
- Featured
  
  Ransomware trends APAC organizations should be mindful of
  
  Tuesday, May 30, 2023, 2:02 PM Asia/Singapore | Features, Malware & Ransomware
- Featured
  
  Generative AI – the cybercriminal’s latest tool of terror?
  
  Tuesday, May 23, 2023, 11:20 AM Asia/Singapore | Features
News
- Featured
  
  Automation and AI increase bot attack sophistication, evasiveness
  
  Thursday, June 1, 2023, 2:45 PM Asia/Singapore | Cyberthreat Landscape, News, Newsletter
- Featured
  
  Research sheds light on Cryptor-as-a-Service in the Dark Web
  
  Tuesday, May 30, 2023, 10:33 AM Asia/Singapore | News, Newsletter
- Featured
  
  Take a peek at ransomware victims’ failure points
  
  Tuesday, May 30, 2023, 10:13 AM Asia/Singapore | Malware & Ransomware, News, Newsletter
Opinions
Tips
Whitepapers
Awards 2022
Directory
E-Learning

News

Vaccine phishing: Want to be vaccinated earlier? Fill up this e-form!

By CybersecAsia editors | Tuesday, April 27, 2021, 10:34 AM Asia/Singapore

As vaccination campaigns worldwide hit speed bumps and diplomacy hurdles, cybercriminals are jumping on the chance to phish for personal data.

Scammers impersonating personnel from Singapore’s Ministry of Manpower have been targeting specific groups of people with phishing emails and calls promising enhanced eligibility for COVID-19 vaccinations.

In order to appear legitimate, the scammers use domains with names resembling that of the ministry, such as @ministryofmanpower. By tricking people who are anxious to receive the vaccination earlier, the phishing emails can convince them to input personal data into a fake e-form.

One email contained the following message: “As the vaccination exercise will be progressively rolled out for all working class over the next few weeks, we seek your assistance to take your time to fill your contact details in the attached contact form.”

Elsewhere, similar phishing emails and phone calls have already been in circulation, purporting to originate from employers, healthcare institutions and even government agencies.

Staying alert to vaccination scams

Regardless of the method of approach, the public should be wary of any kind of mechanism that requires them to visit any website to fill in personal data, One-Time Passwords, second-factor authorization codes or revelation/submission of sensitive data.

According to Ronald Lee, Managing Director, KnowBe4 Asia, newsworthy events are prime fodder for cybercriminals who are quick to hijack the incidents with phishing scams and attacks to try and obtain personal details or steal money.

“With the COVID-19 vaccine rollout underway and garnering much attention, it was only a matter of time until the bad guys tried to take advantage of this by crafting new attacks. (Everyone) should be particularly suspicious of any vaccine-themed emails or text messages, especially those containing attachments or instructing them to click on a link, as these messages could very well be part of a social engineering attack,” Lee said.

When in doubt, people should contact their doctor or healthcare provider through tried-and-trusted channels, instead of supplying sensitive information to unknown websites, text messages, or phone caller, said the cybersecurity expert.