LAS VEGAS (KLAS) — As the country and world is trying to move in the right direction of battling the coronavirus pandemic with efforts to get people vaccinated, criminals are looking for ways to scam.
A new study by Check Point researchers is warning the public to watch out for vaccine-related website scams. Researchers for Check Point said it documented a 300% increase in vaccine-related domain registrations within the last eight months. The number of websites deemed dangerous has increased by 29%, Check Point says.
To help users stay protected against vaccine scams, Check Point is issuing the following five tips:
- Watch for misspellings. Beware of misspellings or sites using a different top-level domain. For example, a .co instead of .com. Misspelling in domains is a string giveaway that deception is at play.
- Beware of “buy vaccine” offers. As tempting as it may be, it’s almost guaranteed to be a scam.
- Never share your credentials. Credential theft is a common goal of cyberattacks. Many people reuse the same usernames and passwords across many different accounts, so stealing the credentials for a single account is likely to give an attacker access to a number of the user’s online accounts.
- Be suspicious of password reset emails. If you receive an unsolicited password reset email, always visit the website directly (don’t click on embedded links) and change your password to something different on that site (and any other sites with the same password). By clicking on a link, you can reset the password to that account to something new. Not knowing your password is, of course, also the problem that cybercriminals face when trying to gain access to your online accounts.
- Note the language in the email. Social engineering techniques are designed to take advantage of human nature. This includes the fact that people are more likely to make mistakes when they’re in a hurry and are inclined to follow the orders of people in positions of authority. Phishing attacks commonly use these techniques to convince their targets to ignore their potential suspicions about an email and click on a link or open an attachment.