Concerns over bots scooping up COVID vaccine appointments

Threat of bots scalping vaccine appointments

As pharmacies open sign-ups to get the COVID vaccine, they are also stepping up security against a new cyber-threat targeting the rollout.

NEW YORK - The rollout of the coronavirus vaccine is coming to pharmacies like CVS and Walgreens, and as they do, concerns are increasing about scalpers using 'bots' to scoop up as many COVID vaccine appointments as possible.

Bots are computer programs that generally used to help someone acquire a certain product or service, often target high-profile items like designer sneakers or concert tickets.

Walmart, Sam's Club pharmacies to begin COVID-19 vaccines Friday

But now, during the pandemic, cybersecurity experts worry that bot creators and operators might target vaccine registration websites.

"The bigger the organization, the more eager a bot operator is to target it," said Matthew Gracey-McMinn, a cybersecurity expert.

Life after vaccination

Dr. Anthony Fauci, the director of NIAID, said that Americans will need to continue to wear masks and keep distance for each other for some time even after they've been vaccinated against COVID-19.

With large chain pharmacies soon to be offering tens of thousands of appointment slots at locations nationwide, and with websites able to handle massive amounts of traffic, experts say that bot operators might try to mass-reserve vaccine appointments and then resell them to consumers unable to schedule their shots.

"Although there have been a lot of worries and concerns about this, that threat hasn't yet manifested yet," Gracey-McMinn said. "However, this is still a developing area."

Get breaking news alerts in the FOX5NY News app. Download for FREE!

We are yet to see vaccines rolled out to the broader population, but the early phase s of vaccination thus far have seemingly avoided bot attacks thanks in part to the confusing number of different state, city, hospital and pharmacy websites one must visit to schedule their vaccination.

Most bots are built to target one site at a time. Moreover, the personalized nature of vaccine appointments, in most places requiring identity verification, might also thwart slot-scalping bots.

In a statement to FOX 5 NY, a CVS spokeswoman wrote: "Our vaccination appointment site has a layered defense that includes capabilities to detect automated cyber-attacks, such as botnets."

For now, experts say the larger threat is scam registration sites, as opposed to bots booking every legitimate vaccine appointment.