Cybercriminals ruthlessly exploited the coronavirus pandemic to set up phishing websites that posed as Pfizer, BioNTech and other household-name suppliers of vaccines and PPE, according to Palo Alto Networks.
In a post published today, Palo Alto's Unit 42 threat intel division said COVID-themed phishing lure URLs "largely centered around Personal Protective Equipment (PPE) and testing kits in March 2020, government stimulus programs from April through the summer 2020 (including a fake US Trading Commission website that posed as the US Federal Trade Commission in order to steal user credentials) and vaccines from late fall 2020 onward."
It added that it had seen 69,950 phishing URLs between January 2020 and January 2021 which focused on "COVID-related topics". Government support schemes were a big theme in Q1 2021, peaking in May and tailing off as hospital-themed bait grew in popularity.
Unit 42's researchers found the latter included "a fake Pfizer and BioNTech website also stealing user credentials." This broadly matched findings from a year ago published by British police's National Fraud Intelligence Bureau.
Online face mask sales scams, 400% uptick of coronavirus phishing reports: Brit cops' workload shifts online along with the nation's
Unit 42 reckoned Microsoft was the most impersonated brand targeted by phishing criminals, with Redmond-themed pages being set up to steal credentials from employees of US grocery firm Walgreens, Canadian drug manufacturer Pharmascience, India's Glenmark Pharmaceuticals and more – including a Chinese pharma firm.
Microsoft didn't take that lying down; in July it filed a US la ..