The coronavirus, which was first detected in December 2019 in the city of Wuhan in China’s Hubei province, has spread to nearly every country around the world. Today, the virus continues to impact all of our lives, from our everyday interactions to the way we live and work. It has profoundly shaped the economic, political, and cultural aspects of society, with effects predicted to last for years to come.
The current global tally of both confirmed and presumptive positive COVID-19 cases has reached around 30.5 million, with over 554 thousand deaths reported among these cases, according to the Centers for Disease Control and Prevention (CDC). While there is hope that the vaccine rollout may reduce the spread of the virus, many have been unable to receive a dose due to shortages and supply chain challenges.
Because of the high demand and inadequate supply, scammers are taking advantage of people’s desperation through various forms of vaccine fraud. To help you better understand what these schemes are and how to avoid them, this article will provide you with the resources to identify and report vaccine fraud, protect your identity, and improve your cybersecurity hygiene so you can avoid new and emerging cyber threats.
What is vaccine fraud?
Now that several coronavirus (COVID-19) vaccines have become available, state and federal officials are working to distribute them across the United States. With that, the FDA has warned that fraudsters are attempting to profit off pandemic-related anxieties by selling treatments that claim to fight the virus despite having no proven effects. The fraudulent and misleading nature of these treatments raises concerns that Americans may delay or stop utilizing the correct medical treatment, which could result in serious and potentially life-threatening harm.
Here are some recent examples of vaccine fraud to give you an idea of what it looks like:
- In March, 2021, the Department of Justice reported that a fraudulent biotech researcher from Washington state set up accounts on Facebook and used them to distribute an injectable COVID-19 vaccine he claimed to have developed. He offered to inject this fake — and potentially dangerous — vaccine into buyers for $400 – $1,000 per dose. He was subsequently arrested.
- A February 2021 arrest in the Baltimore area was a result of a joint effort between the Food and Drug Administration and the Maryland Department of Health. Three men were each charged with registering a domain name and fabricating a website resembling that of vaccine maker Moderna with the intent to sell fake doses.
- Vaccine fraud is not just unfolding in North America; it is affecting vulnerable individuals all over the globe. For example, in February 2021, 80 people in China were arrested for allegedly creating more than 3,000 doses of fake COVID-19 vaccines.
These schemes highlight the importance of remaining vigilant and informed. Our list of tips and free resources below can help you get started.
10 personal cybersecurity tips and best practices for protecting your health data
The first step to avoiding cyber-related vaccine scams is to practice strong cybersecurity hygiene. Here are 10 cybersecurity best practices that you can start applying today.
- Limit sharing personal information: Be wary about what information you divulge online including full names, e-mails, physical addresses, phone numbers, and other personal information unless you trust the organization collecting your information. According to the Better Business Bureau, you will never need to share bank account details, credit card information, or your Social Security number to schedule a vaccine appointment.
- Invest in virus protection: According to ND.gov, hackers are using fake COVID-19 antivirus software to install backdoor malware. We recommend installing trusted anti-virus protection and anti-phishing tools on all of your devices (desktops, laptops, tablets, etc.) to prevent the spread of malicious files.
- Update your software: Stay up-to-date with all your software and operating system patches. According to an article on COVID-19 and cyber safety by NordVPN, hackers typically search for software vulnerabilities and bugs to gain illicit, remote access to devices. Frequently updating your software can improve security and prevent you from becoming a victim of a cyber attack.
- Be on guard for phishing: Do not open phishing emails from untrusted sources. You may be expecting an email from a friend, family member, or colleague, but open all attachments with caution. If you are expecting an email about a vaccine, make sure you check who the sender is before opening the attachment.
- Be careful what you click: Do not visit unknown websites or download software from untrusted sources. They may host malware that installs (often silently) and compromises your computer or other connected devices. Look for trusted sources of online vaccine information such as CDC.gov or your local government.
- Encrypt your personal data: By using encryption, you can prevent cyber criminals from stealing your personal information. This is especially important for your medical information as it is considered more valuable than a credit card.
- Beware of social engineering: Today’s attackers are exploiting human emotions and vulnerabilities to trick victims into giving up sensitive medical information. COVID-19 has unfortunately presented many opportunities for this, as people are anxious to hear new details concerning the vaccine. You can find out more about preventing COVID-19 social engineering attacks here.
- Keep your devices safe from physical attacks: Log off your computer when you’re done using it. For mobile users, you may use medical apps to record and store your medical data. It is important to make sure your devices are locked and password protected. We also recommend using two-factor authentication to protect your sensitive applications.
- Back up your data: Your personal information should be backed up so attackers cannot use it in ransomware-style attacks, during which you will be locked out of your personal account until you pay a ransom. This is particularly important as it pertains to health information, such as a medical history that you may need to be readily available.
- Practice good password management: While it’s easy to be complacent when it comes to passwords, it’s crucial that you maintain unique passwords for each of your accounts. If you are registering for a vaccine, chances are you are inputting personal information that you want to keep private and protected. A password management tool can help you keep this login information secure.