How to Avoid COVID-19 Vaccine Related Cyber Scams | 50 Free Resources + Safety Tips

The coronavirus, which was first detected in December 2019 in the city of Wuhan in China’s Hubei province, has spread to nearly every country around the world. Today, the virus continues to impact all of our lives, from our everyday interactions to the way we live and work. It has profoundly shaped the economic, political, and cultural aspects of society, with effects predicted to last for years to come.

The current global tally of both confirmed and presumptive positive COVID-19 cases has reached around 30.5 million, with over 554 thousand deaths reported among these cases, according to the Centers for Disease Control and Prevention (CDC). While there is hope that the vaccine rollout may reduce the spread of the virus, many have been unable to receive a dose due to shortages and supply chain challenges.

Because of the high demand and inadequate supply, scammers are taking advantage of people’s desperation through various forms of vaccine fraud. To help you better understand what these schemes are and how to avoid them, this article will provide you with the resources to identify and report vaccine fraud, protect your identity, and improve your cybersecurity hygiene so you can avoid new and emerging cyber threats.

What is vaccine fraud?

Now that several coronavirus (COVID-19) vaccines have become available, state and federal officials are working to distribute them across the United States. With that, the FDA has warned that fraudsters are attempting to profit off pandemic-related anxieties by selling treatments that claim to fight the virus despite having no proven effects. The fraudulent and misleading nature of these treatments raises concerns that Americans may delay or stop utilizing the correct medical treatment, which could result in serious and potentially life-threatening harm.

Here are some recent examples of vaccine fraud to give you an idea of what it looks like:

  • In March, 2021, the Department of Justice reported that a fraudulent biotech researcher from Washington state set up accounts on Facebook and used them to distribute an injectable COVID-19 vaccine he claimed to have developed. He offered to inject this fake — and potentially dangerous — vaccine into buyers for $400 – $1,000 per dose. He was subsequently arrested.
  • A February 2021 arrest in the Baltimore area was a result of a joint effort between the Food and Drug Administration and the Maryland Department of Health. Three men were each charged with registering a domain name and fabricating a website resembling that of vaccine maker Moderna with the intent to sell fake doses.
  • Vaccine fraud is not just unfolding in North America; it is affecting vulnerable individuals all over the globe. For example, in February 2021, 80 people in China were arrested for allegedly creating more than 3,000 doses of fake COVID-19 vaccines.

These schemes highlight the importance of remaining vigilant and informed. Our list of tips and free resources below can help you get started.

10 personal cybersecurity tips and best practices for protecting your health data

The first step to avoiding cyber-related vaccine scams is to practice strong cybersecurity hygiene. Here are 10 cybersecurity best practices that you can start applying today.

  1. Limit sharing personal information: Be wary about what information you divulge online including full names, e-mails, physical addresses, phone numbers, and other personal information unless you trust the organization collecting your information. According to the Better Business Bureau, you will never need to share bank account details, credit card information, or your Social Security number to schedule a vaccine appointment.
  2. Invest in virus protection: According to, hackers are using fake COVID-19 antivirus software to install backdoor malware. We recommend installing trusted anti-virus protection and anti-phishing tools on all of your devices (desktops, laptops, tablets, etc.) to prevent the spread of malicious files.
  3. Update your software: Stay up-to-date with all your software and operating system patches. According to an article on COVID-19 and cyber safety by NordVPN, hackers typically search for software vulnerabilities and bugs to gain illicit, remote access to devices. Frequently updating your software can improve security and prevent you from becoming a victim of a cyber attack.
  4. Be on guard for phishing: Do not open phishing emails from untrusted sources. You may be expecting an email from a friend, family member, or colleague, but open all attachments with caution. If you are expecting an email about a vaccine, make sure you check who the sender is before opening the attachment.
  5. Be careful what you click: Do not visit unknown websites or download software from untrusted sources. They may host malware that installs (often silently) and compromises your computer or other connected devices. Look for trusted sources of online vaccine information such as or your local government.
  6. Encrypt your personal data: By using encryption, you can prevent cyber criminals from stealing your personal information. This is especially important for your medical information as it is considered more valuable than a credit card.
  7. Beware of social engineering: Today’s attackers are exploiting human emotions and vulnerabilities to trick victims into giving up sensitive medical information. COVID-19 has unfortunately presented many opportunities for this, as people are anxious to hear new details concerning the vaccine. You can find out more about preventing COVID-19 social engineering attacks here.
  8. Keep your devices safe from physical attacks: Log off your computer when you’re done using it. For mobile users, you may use medical apps to record and store your medical data. It is important to make sure your devices are locked and password protected. We also recommend using two-factor authentication to protect your sensitive applications.
  9. Back up your data: Your personal information should be backed up so attackers cannot use it in ransomware-style attacks, during which you will be locked out of your personal account until you pay a ransom. This is particularly important as it pertains to health information, such as a medical history that you may need to be readily available.
  10. Practice good password management: While it’s easy to be complacent when it comes to passwords, it’s crucial that you maintain unique passwords for each of your accounts. If you are registering for a vaccine, chances are you are inputting personal information that you want to keep private and protected. A password management tool can help you keep this login information secure.

50 free resources for avoiding COVID-19 scams

Now that you know how to keep your personal information protected, check out these additional free resources.

Avoiding COVID-19 vaccine-related fraud:

How to Get a Vaccine: Search Vaccine Providers Near You | The CDC has created a search feature that allows you to find authorized vaccine providers near you.

3 Ways to Avoid a COVID-19 Vaccine Scam (Infographic) | This FTC infographic shares three ways to avoid COVID-19 vaccine scams.

Defending Against COVID-19 Cyber Scams | This Department of Homeland Security/CISA resource shares five tips to avoid COVID-19 cyber scams.

Recommendations for VPN Security | CISA has outlined a list of cybersecurity considerations when choosing a VPN platform.

Tips for Avoiding Coronavirus Scams (Infographic) | The FTC has created an infographic that shares five tips for avoiding coronavirus vaccine scams.

8 Tips on How to Avoid Coronavirus Scams | This Generali Global Assistance resource shares eight tips on avoiding coronavirus scams.

Coronavirus Phishing Awareness Kit | MediaPro has created a downloadable kit that can help you prevent phishing scams related to COVID-19.

Protecting Against COVID-19 Themed Phishing Attacks | Microsoft has shared a list of tips on how you can protect yourself against COVID-19 related phishing attacks.

How to Fact-Check and Verify Info During the Coronavirus Pandemic | This resource from Deccan Herald offers tips to help you verify information that you receive online.

Coronavirus Phishing Emails: How to Protect Against COVID-19 Scams | Norton Lifelock shares tips and examples on protecting yourself from COVID-19 phishing emails.

How to Stay Safe as Online Coronavirus Scams Spread | Trend Micro has created a quick guide to the key online threats around coronavirus and security tips to keep your information safe.

Beware of These COVID-19 Phishing Scams | This Wells Fargo resource reveals a list of COVID-19 phishing scams to be aware of.

Tips on Avoiding a COVID Scam | University of Maryland has created a list of tips on avoiding COVID scams. You can also find a list of vaccine locations in the Maryland area.

Spotting fake COVID-19 communication and misinformation:

How To Spot A Fake Covid-19 Vaccination Email | This resource from ID Medical offers a guide on how to spot fraudulent COVID-19 vaccination emails.

How to Spot Fake News – Covid Vaccine Edition | This resource can help you build the critical thinking skills to spot fake news related to the coronavirus vaccine.

Avoiding Bogus COVID Vaccine Surveys | This guide by the FTC shares tips on how you can detect and avoid fraudulent COVID vaccine surveys.

Spot the Scam: Smishing, Phishing Emails, and COVID Vaccine Scams | This article by Trend Micro shares examples of COVID-related phishing emails, texts, and more.

How to Spot Fake COVID Vaccine Texts | This Yahoo article shares advice on how to identify fake COVID vaccine text messages.

Beware of COVID-19 Vaccine Scam Websites | This WCVB article exposes fraudulent websites that are designed to mimic trusted sources of information.

How to spot a COVID-19 Vaccine Scam | This article by WBAY shares tips on how to identify and report a COVID-19 vaccine scam.

Reporting a COVID-19 vaccine scam:

COVID‐19 Complaint Form for Reporting Fraud | DOJ has created a COVID-19 complaint form that can be used to report instances of fraud.

Report Suspected Healthcare Fraud or Abuse | UnitedHealthCare has created a page where suspected instances of healthcare fraud or abuse can be reported.

Coronavirus Fraud Reporting Resources | The Journal of Accountancy has shared a list of resources for reporting coronavirus fraud.

Department of Justice’s National Center for Disaster Fraud Hotline | This DOJ hotline can be used to report any fraud related to COVID-19.

Protecting your identity if you’ve been a victim of a COVID-19 scam:

Warning Signs of ID Theft | has created a list of warning signs of ID theft. They have also provided a link for reporting ID theft.

Identity Theft Recovery Steps | The FTC has created a list of recovery steps if you have been a victim of identity theft.

How to Freeze Your Credit Files | This resource offers a guide for freezing your credit files to prevent fraudsters from opening or using your credit account.

Free Identity Theft Resources | has created a list of free resources to help you recover from identity theft.

Identity Theft: A Recovery Plan | has created an identity theft recovery plan to help you if you have been a victim.

Identity Theft: What to Know, What to Do | has created a downloadable infographic with helpful identity theft information.

Protect Your Identity: What Older Adults Should Know | The BCFP has created a guide for older adults to protect their identity.

National Organization for Victim Assistance | NOVA is the oldest national victim assistance organization in the U.S. Their website includes helpful resources for victims.

ID Theft Help App | Identity Theft Resource Center assists anyone with concerns about their identity hygiene, whether they have been a victim or they are looking to minimize their risk.

Protecting yourself through good cybersecurity hygiene during COVID-19:

Stolen Passwords List | BreachAlarm is a service that lets you anonymously verify if your password has been posted online. You can also sign up for breach notifications.

How to Find Out if Your Password Has Been Stolen | This article by PCMag offers a guide on how to determine if your password has been stolen.

How to View Gmail Login History | This guide will show you how to check your Gmail login history for any unusual activity.

Has Your Password Been Stolen? Here’s How To Find Out | This Forbes article can help you find out if your password has been breached.

Your Comprehensive Guide to Prevent Email Spoofing | Security Boulevard has created an in-depth guide to help you prevent email spoofing with helpful examples.

Two-Factor Authentication: Who Has It and How to Set It Up | This PCMag article explains the importance of two-factor authentication and how to get started with it.

How to Set up Two-Factor Authentication on All Your Online Accounts | This article from The Verge offers a guide on setting up two-factor authentication on your online accounts.

Multi-Factor Authentication for Seniors | This guide by Global Wealth Advisors is designed to help seniors set up multi-factor authentication on their devices.

Helping your patients avoid COVID-19 vaccine fraud
(Free resources for healthcare professionals):

How to Help Your Patients Avoid COVID-19 Vaccine Scams | This article shares advice for healthcare professionals on helping patients avoid COVID vaccine scams.

Guiding Principles for Nurses and the COVID-19 Vaccines | This resource from the American Nurse Association shares a helpful list of guidelines for nurses.

COVID-19 Vaccination Administration Training and Educational Resources | The ADA has curated a list of helpful resources related to COVID vaccination.

Quick Answers for Healthcare Professionals to Common Questions People May Ask About COVID‐19 Vaccines | The CDC has outlined a list of quick answers to common COVID-19 questions that people may ask.

COVID‐19 Vaccine Communication Toolkit | This CDC toolkit is designed to help educate communities on the importance of COVID-19 vaccines.

Ransomware Help for Coronavirus Healthcare Providers | This resource offers free help for hospitals and healthcare providers that have been impacted by ransomware attacks.

Free eLearning Modules: COVID-19 Healthcare Cybersecurity | Saegis has released a free eLearning course for physicians and their healthcare teams.

COVID-19 Vaccine Questions and Answers for Healthcare Providers | This Canvax resource shares a list of helpful questions and answers related to COVID vaccines.

Get Boot Camp Info


Step 1 of 6