Vaccines are Trending
November has certainly had the world in a tizzy with the US election, the surge in COVID-19 cases, and now the buzz about viable vaccine candidates (all that and we're only halfway through the month). Popular topics in mainstream media become popular topics for scams and SPAMs for the same reason—they drive clicks. In the world of fraud it's a numbers game, more clicks equals more chances to solicit victims so the trending scams mirror the trending news.
SMiShing is Trending
Last month we published a blog post about attackers using text messages to trick victims into clicking malicious links from their phones. That article cited package delivery problems as a pretext (cybersecurity jargon for backstory) for the campaigns. You can check out that story to see the reasons why text message scams are so effective but for now it should suffice to say that they are highly-effective.
Never to miss an opportunity, fraudsters are now using vaccine candidates and clinical research studies as pretexts for their campaigns.
Putting it All Together
So what does a Clinical Research SMiShing campaign look like and how can you identify them? There are a few identifiers we can look out for but always keep what your parents told you in mind: "If it sounds too good to be true, it probably is." (Thanks for that one and many others mom)
According to Sam Hume, VP of Data Science at CDISC, "Trials are intentionally not big money makers." Sam notes that it is generally considered unethical for clinical researchers to offer much more than reasonable, research-related expenses as payment for participation. If you are interested in participating, Sam offers the following legitimate resources:
- A pseudo 1800 # area code (e.g., 850)
- Most drug studies offer less than $300 per visit and you have to be qualified, $1200 may be reasonable but expect a multi-year participation commitment
- Beware of vague domains and not those affiliated with legitimate pharmaceutical companies
- 'stop2stop' really? Most scammers miss getting the details right, look for spelling errors and sloppy extras in the message
You can watch the interview on NBC10's website by clicking here.
As a reminder, SEVN-X is committed to consumer safety. If you are concerned about the legitimacy of a message you receive, you can email us at email@example.com and an experienced cyber security expert can help you determine if a message is fraudulent.
Send Us Your Comments
What did you think of this article? Send us a note to let us know what you liked, would like to see more of, or what we can do better. And don't be surprised if we reach back out with a small 'thank you' gift for your feedback.