COVID-19 Vaccine and Research Scams

The Interview

Vaccines are Trending

November has certainly had the world in a tizzy with the US election, the surge in COVID-19 cases, and now the buzz about viable vaccine candidates (all that and we're only halfway through the month). Popular topics in mainstream media become popular topics for scams and SPAMs for the same reason—they drive clicks. In the world of fraud it's a numbers game, more clicks equals more chances to solicit victims so the trending scams mirror the trending news.

SMiShing is Trending

Last month we published a blog post about attackers using text messages to trick victims into clicking malicious links from their phones. That article cited package delivery problems as a pretext (cybersecurity jargon for backstory) for the campaigns. You can check out that story to see the reasons why text message scams are so effective but for now it should suffice to say that they are highly-effective.

Never to miss an opportunity, fraudsters are now using vaccine candidates and clinical research studies as pretexts for their campaigns.

Putting it All Together

So what does a Clinical Research SMiShing campaign look like and how can you identify them? There are a few identifiers we can look out for but always keep what your parents told you in mind: "If it sounds too good to be true, it probably is." (Thanks for that one and many others mom)

According to Sam Hume, VP of Data Science at CDISC, "Trials are intentionally not big money makers." Sam notes that it is generally considered unethical for clinical researchers to offer much more than reasonable, research-related expenses as payment for participation. If you are interested in participating, Sam offers the following legitimate resources:

Here are some of the things to be on the lookout for when you receive unsolicited messages about participating in a clinical research study:

  1. A pseudo 1800 # area code (e.g., 850)

  2. Most drug studies offer less than $300 per visit and you have to be qualified, $1200 may be reasonable but expect a multi-year participation commitment

  3. Beware of vague domains and not those affiliated with legitimate pharmaceutical companies

  4. 'stop2stop' really? Most scammers miss getting the details right, look for spelling errors and sloppy extras in the message

As a reminder, SEVN-X is committed to consumer safety. If you are concerned about the legitimacy of a message you receive, you can email us at consumerquestions@sevn-x.com and an experienced cyber security expert can help you determine if a message is fraudulent.

Previous
Previous

Phishing, Ransomware, Breaches: Protect Your Organization

Next
Next

Multifactor Authentication and You