Security News > 2020 > December > Phishing campaign threatens coronavirus vaccine supply chain
The emails impersonate a member company of the COVID-19 vaccine supply chain to harvest account credentials, says IBM Security X-Force.
A calculated cybercriminal operation is targeting companies in the coronavirus vaccine supply chain with phishing emails that appear to be designed to steal sensitive user credentials, IBM Security X-Force said in a report released Thursday.
Spotted this past September, the phishing campaign deploys emails spoofing a business executive from Haier Biomedical, a legitimate member company of the COVID-19 vaccine supply chain and reportedly the world's only complete cold chain provider.
The phishing emails contain phony requests for quotations related to the Cold Chain Equipment Optimization Platform program, an initiative launched in 2015 by Gavi-The Vaccine Alliance and other partners to strengthen vaccine supply chains and ensure a smooth medical response to outbreaks of infectious diseases.
"It is a high alert for a targeted phishing campaign against the COVID vaccine supply chain. As the cure for COVID is essentially the most valuable thing in the world in 2020, and attackers always go for what is of value, this was a sort of an inevitable scenario."