Emerging guidance from state and federal agencies indicate that cyber criminals are now aggressively targeting the healthcare community with COVID vaccine-related attacks.
Threats include phishing, fraud, scams, ransomware, and denial of service campaigns as well as attempts to disrupt vaccine supply chains and/or drug diversion. The campaigns will likely be perpetrated through malware attacks and cleverly crafted COVID vaccine-themed emails and/or texts. It is also possible that media coverage related to our institutions’ role in vaccine administration may result in our students, faculty, and staff being more heavily targeted.
Here are some of the most common indicators that indicates a likely scam or attack:
- Any message that communicates a tremendous sense of urgency and attempts to rush you into purchasing/reserving COVID vaccine for yourself and your family.
- Cyber-criminal are targeting your credentials; consider all requests for your password and other private information as suspicious.
- Any message pressuring you into bypassing or ignoring our security policies and procedures. Commonly, phishing messages will urge you to click on a link or reply within a short timeframe before locking or terminating your account and deleting your data.
- Be very suspicious of unexpected phone calls, emails and text messages that pretend to be from a university official or member of a government organization urging you to take immediate action. Attackers can be very bold and may attempt to call or send increasingly threatening messages.
Contact Information Security at infosec@uthscsa.edu and 210-567-0707 with any questions about how to protect yourself from cyber criminals and immediately report suspicious activity or messages.