Makerere University

Enter a keyword or two into the search box above and click search..

CYBER ALERT - COVID-19 Vaccine Phishing SCAM

You are here


Dear staff,

Good evening to you all.

We do thank you for always taking keen interest and notice of the many cyber communications we make as regards ICT.
We continue to see vigilance through the feedback from many of you. We do appreciate, this means that we are surely building a critical mass of staff who are aware and ready to learn some more.


According to Ionut Ilascu of Bleeping computer, they revealed and we quote "Hackers likely working for Russian intelligence services have been attacking organizations involved in the research and development of a vaccine against the new coronavirus."

Makerere University under CHS is very much involved in the COVID19 vaccine research and this message calls for our vigilance and critical attention.

A cybersecurity advisory published today by the National Cyber Security Centre (NCSC) in UK, details that the adversary has been running these attacks throughout 2020 against entities in Canada, UK, and the US.

The People in the U.S. and the U.K have therefore been alerted about the ongoing phishing attack around the Oxford Coronavirus vaccine.

The attack is suspected as mentioned earlier to be propagated by Russian hackers in the form of phishing emails with subject lines saying “Beware of the Oxford COVID-19 Vaccine or Beware of the Oxford Corona Virus Vaccine”. Researchers believe that the attack is meant to distribute malware.


1. They trick recipients into handing over personal information. When a link is clicked, that's a given for your credentials to be stolen.
So do not click links from suspicious sources. Always report them to us.
2. They install and propagate malware within a network through the downloaded attachments.
3. Right now most of the target is on Windows(Microsoft) based computers. No wonder most attachments will be word documents. When downloaded and macros enabled, you will have already given access.


1. Be vigilant about unsolicited emails.
2. Check the full email address on any message and be alert to hyperlinks that may contain misspellings of the actual domain name.
3. Do not supply login credentials or personal information in response to a text or email.
4. Forward such emails to us for analysis then delete the messages.
5. Always keep your computer/laptop/smart device up to date with the latest security patches.

For any inquiry, do not hesitate to reach us via or log a ticket via
We can also be reached via social media Twitter @DICTSMakerere and Facebook @MakDICTS

Kindest Regards