12/10/20 | Emerging guidance from state and federal agencies indicate that cyber criminals are now aggressively targeting the healthcare community with COVID vaccine-related attacks

Emerging guidance from state and federal agencies indicate that cyber criminals are now aggressively targeting the healthcare community with COVID vaccine-related attacks.  Threats include phishing, fraud, scams, ransomware, and denial of service campaigns as well as attempts to disrupt vaccine supply chains and/or drug diversion.  The campaigns will likely be perpetrated through malware attacks and cleverly crafted COVID vaccine-themed emails and/or texts.  Finally, media coverage and press releases related to our institutions role in vaccine administration will likely result in our students, faculty, and staff being more heavily targeted.

Here are some of the most common indicators that the phone call, text or email is likely a scam or attempted cyberattack:

  • Any message that communicates a tremendous sense of urgency and attempts to rush you into purchasing/reserving  COVID vaccine for yourself and your family.
  • Cyber-criminal are targeting your credentials; consider all requests for your password and other private information as suspicious.
  • Any message pressuring you into bypassing or ignoring our security policies and procedures.  Commonly, phishing messages will urge you to click on a link or reply within a short timeframe before locking or terminating your account and deleting your data.
  • Be very suspicious of unexpected phone calls, emails and text messages that pretend to be from a university official or member of a government organization urging you to take immediate action.  Attackers can be very bold and may attempt to call or send increasingly threatening messages.
  • Individuals prioritized for vaccination will receive an email from Dr. William Henrich with a link to schedule your appointment.  Once your vaccination is scheduled, an email from UTMSA_DoNotReply.edu will be sent with confirmation and/or a link for instant activation in EPIC MyChart.  This will be your indication that these communications are valid.

Please contact Information Security at infosec@uthscsa.edu and 210.567.0707 with any questions about how to further protect yourself from cybercriminals and immediately report suspicious activity or messages.

Article Categories: Timely Updates