Connect with us

Hi, what are you looking for?

Tech & Science

Double check the message: Malicious actors are impersonating pharma companies

At a time when hospitals and patients are strained due to increasing COVID numbers, threat actors will continue to attack.

Pfizer says Covid pill 89% effective against severe disease
The Pfizer drug called Paxlovid achieved an 89 percent reduction in risk of hospitalization or death - Copyright AFP Arun SANKAR
The Pfizer drug called Paxlovid achieved an 89 percent reduction in risk of hospitalization or death - Copyright AFP Arun SANKAR

Threat actors are conducting a targeted phishing campaign impersonating the pharmaceutical company Pfizer, with the objective of stealing business and financial information from victims. Many of these fraud campaigns are jumping upon the COVID-19 vaccine that the drug firm produces.

The actors behind this campaign appear diligent in their phishing operations, unlike many of the more dubious attempts to defraud by email. The hackers, for example, combine “clean” PDF attachments with newly registered domains that appear as official Pfizer online spaces.

The intention here is for users to fill out the form, quoting their bank details and to email this back to the fraudsters. With the PDF not containing any malware it bypasses most of the types of email antivirus software.

Looking at this malicious activity for Digital Journal is David Pickett, Senior Cybersecurity Analyst at Zix | AppRiver.

Pickett says that the timing of the fraud is aimed at a point when people are distracted and preoccupied: “At a time when hospitals and patients are strained due to increasing COVID numbers, threat actors will continue to attack organizations as long as the financial gain for personally identifiable information and medical records exists.”

Looking at the specific forms of attack, Pickett draws out: “Email attackers are increasingly using customized spear phishing campaigns to target users, as we observed recent phishing campaigns where attackers masked their malicious intentions as urgent Pfizer product supply orders.”

There has been some success, but challenges remain says Pickett: “While we blocked this attack targeting customers, this is a great reminder for companies to examine their email security and backup solutions.”

Pickett adds that: “When available, organizations should implement multi-factor authentication which helps provide an extra authentication layer for verifying user logins. Organizations should use end-to-end email encryption for any message containing confidential or personally identifiable information and ensure their email security solution is capable of dynamically analyzing email attachments and URLs.”

Pickett further recommends: “If there is any suspicion about a message or transaction, it never hurts to call the sender. Most will be glad of your security protocols in place to help prevent fraud.” There are more best practices to consider, which Pickett concludes with: “Companies should also implement and periodically conduct security awareness training that encourages employees to flag suspicious messages and attachments received via email. With ransomware attacks at all-time highs, a quality backup solution to ensure data integrity and availability are a must to ensure continuity of business for a worst-case scenario.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

World

Floodwater fills a cemetery as Hurricane Francine moves in on September 11, 2024 in Dulac, Louisiana - Copyright GETTY IMAGES NORTH AMERICA/AFP Brandon BellWill...

Business

Shares in UniCredit rose as its CEO said acquiring Commerzbank was a possibility - Copyright AFP Alexander NEMENOVUniCredit is studying a takeover of Commerzbank,...

Business

The Dutch city of The Hague has become the first in the world to pass local laws banning advertisements for fossil fuels.

Business

Products grown on recently deforested land will soon be banned from the European Union - Copyright AFP/File Jason RedmondBrazil said Thursday it has urged...