Treasury Warns of Surging Covid-19 Vaccine Scams and Ransomware Threats

Fraudsters were already offering faster access than the distribution plan allowed
The Treasury Department warned that criminals were exploiting public desperation to jump the vaccination queue.

As the first COVID-19 vaccines began reaching American arms in late December 2020, the U.S. Treasury Department issued a warning that illuminated a darker parallel reality: where there is desperate hope, there is also exploitation. Criminals had moved swiftly to mirror the vaccine rollout with counterfeit doses, queue-jumping schemes, and ransomware aimed at the very supply chains carrying the cure. The warning arrived with particular gravity given that the Treasury itself had recently been breached in one of the most sophisticated federal intrusions in memory — a reminder that vulnerability and urgency, when combined, become an invitation.

  • Fraudsters were already selling fake vaccines and charging fees to skip the line before most Americans had any access at all.
  • Ransomware attacks were targeting not just hospitals but the manufacturing and distribution networks that determined whether vaccines reached people at all.
  • Phishing campaigns disguised as official vaccine guidance were designed to compromise the healthcare workers and administrators managing the rollout.
  • The Treasury Department's warning carried a haunting irony — it was itself among the federal agencies recently infiltrated in a sweeping, allegedly Russian-linked supply-chain attack.
  • Financial institutions and healthcare providers were urged to harden defenses immediately, even as the systems being built to distribute vaccines were still too new to be fully secured.

On the last Wednesday of December 2020, as COVID-19 vaccines began their first tentative journey into American communities, the U.S. Treasury Department issued a warning that criminals were already moving in. The alert described a surge in scams and cyberattacks designed to exploit the rollout — with ransomware identified as the gravest threat.

The schemes varied in sophistication. Some fraudsters were selling counterfeit vaccines, a problem the FDA had been tracking since the spring. Others were running a more brazen operation: charging people fees to jump the vaccination queue. With millions waiting and supplies uncertain, the promise of immediate protection was a powerful lure.

But Treasury's deeper concern was infrastructure. Organized crime groups were targeting the supply chains that manufactured and distributed vaccines, as well as the databases tracking who had received them. Phishing emails carrying fake vaccine information were circulating to trick healthcare workers into surrendering credentials or installing malware.

The warning carried a particular weight because Treasury itself had recently been among at least five federal agencies compromised in a sweeping, allegedly Russian-linked supply-chain attack — one so carefully constructed that investigators said it could take years to fully map.

What made the moment so precarious was the collision of desperation and fragility. The public was primed to believe rules could be bent for faster access. The systems hastily assembled to coordinate distribution had not yet been hardened. Treasury's message was stark: the race to save lives had also created a new landscape of targets, and vigilance was not optional.

On the last Wednesday of December 2020, as the first Covid-19 vaccines were rolling out across the country, the U.S. Treasury Department issued a stark warning: criminals were already moving in. The alert described a surge in cyberattacks and scams designed to exploit the vaccine rollout, with ransomware emerging as the most dangerous threat. Fraudsters were not waiting for the public to develop immunity—they were developing schemes to extract money and data while the nation's guard was down.

The scams took multiple forms. Some criminals were peddling counterfeit vaccines, a threat the Food and Drug Administration had been tracking since March as suspicious coronavirus-related products proliferated online. Others were running a more audacious con: offering people the chance to jump the vaccination queue for a fee, promising faster access than the official distribution plan allowed. The appeal was obvious. With millions waiting their turn and uncertainty about when supplies would reach them, the promise of immediate protection held real power.

But the Treasury Department's concern extended beyond simple fraud. Organized crime groups were actively seeking to obtain legitimate vaccine doses—not to distribute them, but to control them, to resell them, to hold them for ransom. This was not petty theft. This was infrastructure targeting. Ransomware attacks were being aimed at the supply chains that manufactured the vaccines themselves, the networks that coordinated their distribution, and the systems that tracked who had received them. Phishing emails were circulating with fake vaccine information, designed to trick healthcare workers and administrators into revealing credentials or downloading malware.

The warning carried particular weight because the Treasury Department itself had been compromised. It was among at least five federal agencies infiltrated that year in what experts described as a highly sophisticated supply-chain attack, allegedly orchestrated by hackers with ties to the Russian government. The breach was so carefully constructed, with so many layers of misdirection and cover-up, that investigators said it could take years to fully understand what had been stolen and how deep the intrusion went.

What made this moment especially precarious was the collision of urgency and vulnerability. The nation was desperate for vaccines. Healthcare systems were overwhelmed. The public was primed to believe that faster access was possible, that rules could be bent, that someone out there might have what they needed. Criminals understood this psychology perfectly. They also understood that the systems being hastily built to distribute the vaccine—new networks, new databases, new coordination channels—were not yet hardened against attack. The Treasury Department's message was essentially this: as we race to save lives, we are also racing to give criminals new targets. Vigilance, they said, was not optional.

"Fraudsters have offered, for a fee, to provide potential victims with the vaccine sooner than permitted under the applicable vaccine distribution plan."
— U.S. Treasury Department

"Cybercriminals will continue to exploit the COVID-19 pandemic alongside legitimate efforts to develop, distribute, and administer vaccines."
— Treasury Department officials

The Hearth Conversation: Another perspective on the story

Inventor

Why would organized crime groups want actual vaccine doses? That seems like an odd target for ransomware.

Model

Because control of the vaccine was control of something people desperately wanted. You could hold a hospital's doses hostage for money, or resell them on the black market, or use them as leverage. It's the same reason criminals target insulin or cancer drugs—scarcity plus desperation equals profit.

Inventor

And the counterfeit vaccines—how would someone even pull that off? Wouldn't people notice?

Model

In the chaos of a rollout, maybe not immediately. A fake vial looks like a real one. People get injected, feel nothing wrong, and don't know until weeks later when they don't develop immunity. By then the scammer is gone.

Inventor

The Treasury Department itself was hacked. Doesn't that undermine their credibility in warning others?

Model

It actually makes the warning more credible. They're not speaking from theory—they're speaking from experience. They know what these attackers are capable of because they've seen it firsthand.

Inventor

What's the actual risk here? How many people would fall for these scams?

Model

That's the thing nobody could quantify. You only know about the scams that fail or get reported. The successful ones disappear into the noise. But when you're talking about a vaccine that millions of people need, even a small percentage of victims adds up to real harm.

Want the full story? Read the original at Gizmodo.