Search
Close this search box.

Omicron spoof shows ongoing danger of COVID-inspired cyber crime

Share:

Threat actors’ efforts to exploit consumers’ anxieties around COVID-19 continue with the emergence of the Omicron variant.

A consistent effort is being made my cyber threat actors to exploit the new COVID variant within the community.

As we’ve mentioned previously, COVID-19 has in part been characterised in the digital realm by hackers duping unsuspecting and anxious consumers.

Now, information regarding the effectiveness of vaccines and contingencies adopted by states to minimize the spread is being used in malicious phishing campaigns.

Cyber threat actors across the globe are employing phishing tactics to capitalise on the rapidly evolving situation to lure in innocent victims. 

The most blatant attempt has taken place in the UK, where the National Health Service (NHS) was mimicked in an attempt to scam consumers.

Free Omicron PCR Test used as bait

A free Omicron PCR test that allows consumers to avoid restrictions imposed by the British government was the lure in this case. 

With everyday people having had a gutful of lockdowns, people have indeed been attracted by the proposition. 

Twitter post Omicron scandal

People clicking the link are then pointed towards a fake NHS website where one can apply for a “COVID-19 Omicron PCR test”. 

Recipients must fill in a form with their data (name, date of birth, home address, mobile phone number, and email address), some security questions (i.e., mother’s maiden name), and finalize the procedure by making a payment of £1.24 ($1.65).

Information like name, DOB, home address, mobile/phone number, and email address, and some security questions are asked before finalising the payment.

The fields have been carefully curated to appear legitimate while credentials are stealthily stolen. The debit/credit card details are naturally captured through the small and seemingly innocuous purchase. 

Most countries’ health authorities never ask for financial details in an official email contact.

Authorities in charge are attempting to educate their communities about such issues, but far more needs to be done. 

It is a minor miracle nothing of the sort has yet happened in Australia at scale, though it sometimes feels like it is a matter of time. 

Somewhat humorously, the NHS was forced to publicise that “The NHS will NEVER ask for payment; the vaccine is free and does not require payment”.

Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.

Contact

Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235

Emergency Assistance

Under Attack?

Please fill out the form and we will respond ASAP. Alternatively, click the button to call us now.
Company

Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →

Services

Services

Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl
360

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution

Solutions
Resources

Resources

A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →