Skip to Content

Without leadership on vaccine rollout, scams are inevitable

People seeking vaccinations in Florida were hit by fraudsters. That’s no surprise when responsibility is forced on overstretched local officials.
January 6, 2021
An elderly man is inoculated with the Moderna COVID-19 vaccine
AP Photo/Lynne Sladky

To say the first few weeks of vaccine delivery have been turbulent would be an understatement. States across the US have found themselves struggling with underdeveloped logistics that have caused problems in delivery and made rollout slower than promised. Meanwhile, the debacle at Stanford Medical Center, where a system to rank potential vaccine recipients managed to ignore frontline doctors, was proof that you could over-engineer the system too. 

Many were puzzled as to how this could happen, given the months of lead time to arrange distribution. The US government had used a press conference in October to explain the military’s role in what it claimed would be world-leading delivery of vaccines. 

“We have the best logisticians in the world at the Department of Defense, working in conjunction with the CDC, to guide ... every logistical detail you could possibly think of,” declared Paul Mango, the deputy chief of staff for policy at the Department of Health and Human Services. Though the military would not be involved in giving injections, he said, it would run an end-to-end system of surveillance to ensure that every dose of vaccine was administered with precision before it expired. 

That supply chain, however, has come under attack. 

In one case a pharmacist in Wisconsin managed to sabotage 500 vaccines, apparently driven by his belief in apocalyptic conspiracy theories. It wasn’t exactly the strike that Interpol warned about when it cautioned nations to remain vigilant against threats to the vaccine supply from organized crime, but it did show that the weaknesses in the system were there—and that they might be the consequence of bad decisions at the top.

Temporary fixes cause trouble

It has become increasingly clear that many hospitals, pharmacies, and other facilities that received vaccine deliveries are on their own: forced to oversee the logistics themselves, organize appointments with patients, and monitor follow-ups. Under pressure, they have started to make hasty or uninformed decisions, or turn to services that weren’t built for such critical purposes.

Reports started to trickle in about how different free websites, like SignUpGenius, were being used for vaccination reservations in Oklahoma. Princeton University sociologist Shamus Khan chronicled how he was frustratedly refreshing Eventbrite, an online event service website, in order to grab a spot for his elderly parents in Florida. Some health departments in the state had decided to use the system because it was “quickest, easiest, and most efficient way” to meet their pressing need. 

Later, however, it was revealed that some people who thought they had paid to secure a spot via Eventbrite had been duped. Fraudsters had created fake listings pages to trick people into handing over their money for appointments that didn’t exist. Phone numbers for county health departments were jammed all day, and websites struggled with demand, compounding the problem. 

The use of third-party websites creates the perfect opportunity for a low-tech supply chain attack. Typically when we think about supply chains and cybercrimes, images of malicious software, stolen passwords, or phishing come to mind. But no hacking was needed in this case. What happened in Florida was media manipulation in the form of impersonation: fraudsters had only to use the website as it was designed in order to run away with desperate seniors’ cash. 

The rule of misinformation

These cases are alarming for a number of reasons. Imposter sites hiding behind suspect domains to sell fake wares have become common during the pandemic. So, too, has the use of social media to conduct low-grade information warfare claiming that the pandemic is a conspiracy

But if there is a law of misinformation, it is this: Everything open will be exploited. 

Scammers will profit from crisis and confusion, especially if the heist is easy and risks are minimal. When the DOD and CDC failed to consider the last mile for vaccine delivery, it opened the possibility for a supply chain attack. Counties and hospitals with limited resources and basic infrastructure are not pandemic prepared, nor have they been briefed on the security risks posed by third-party websites that make money by harvesting the data associated with signups. 

Counties should not be left to deal with this issue ad hoc. Media manipulators will continue to use their tactics until it is no longer profitable, and federal authorities should step up to the challenge and provide access to the logistics technology they so proudly boasted about in press conferences. The incoming administration promises to deliver 100 million shots during its first 100 days—but to do that, it will have to address misinformation as well all the other issues.

As a nation, we must treat these vaccines as life-saving medicine and ensure that this precious cargo is secured just like our software: end-to-end—or shot-to-arm. 

—Joan Donovan is the research director of the Shorenstein Center on Media, Politics and Public Policy at Harvard.

Deep Dive


Is there anything more fascinating than a hidden world?

Some hidden worlds--whether in space, deep in the ocean, or in the form of waves or microbes--remain stubbornly unseen. Here's how technology is being used to reveal them.

A brief, weird history of brainwashing

L. Ron Hubbard, Operation Midnight Climax, and stochastic terrorism—the race for mind control changed America forever.

Africa’s push to regulate AI starts now        

AI is expanding across the continent and new policies are taking shape. But poor digital infrastructure and regulatory bottlenecks could slow adoption.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.