Omicron Variant Phishing Emails in the Wild

[carding.store 7,673]

As we have seen throughout the pandemic, malicious threat actors will never shy away from an opportunity, no matter the morality of the situation.

Hospitals, vaccine manufacturers, and even people personally affected by the pandemic have all been targeted with cyberattacks in the last two years.

With the new COVID-19 variant, Omicron, making its way around the world, threat actors are using this opportunity to try and make a quick buck.

Which?, a consumer advocacy group based in the U.K., discovered that fraudsters are sending out phishing emails pretending to be the U.K. National Health Service (NHS) in an attempt to steal personal information and banking details.

What do Omicron phishing emails look like?

After learning threat actors were posing as the NHS and sending out phishing emails offering a free Omicron PCR test, Which? reported the website to the National Cyber Security Centre (NCSC), though they note similar scams are likely to follow suit.

Which? was able to get their hands on what one of the emails actually looks like:

The link leads to a spoofed copy of the NHS website that falsely claims the new variant requires new testing kits and asks users to enter their full name, date of birth, address, mobile phone number, and email address.

The fake site also asks for a payment of £1.24 for "delivery," and then invites you to add a security question to your account, such as "What is your mother's maiden name?" and other common security questions that could be used to emails and bank accounts.

The NHS tweeted this out upon learning of the scams:

This is a good time to warn employees, colleagues and families of this new twist to phishing attacks. 

Omicron phishing emails: just the latest Covid-19 aligned attack

SecureWorld News started tracking Covid-19 related cyberattacks at the beginning of the pandemic. In a SecureWorld podcast interview with Trend Micro Director of Threat Research Myla Pilao, she shared how the coronavirus is a hot topic, and a hot sales tool for hackers and cybercriminals who buy, sell and trade information on the dark web.

"This Dark Web world is just like your organization and my organization, right? They're very structured, they know what's happening in the real world. So as a result, they're really able to be agile, just like our organizations. In the case of COVID-19, sadly, is the fact that this is really an opportunity for them." 

She says there are three significant areas of interest that Trend Micro has tracked in the criminal underground.