The feds have disrupted hundreds of internet domains that cybercriminals have used to commit fraud and other crimes by taking advantage of the coronavirus pandemic, the Justice Department announced Wednesday.
The FBI as of Tuesday received more than 3,600 complaints related to COVID-19 scams, “many of which operated from websites that advertised fake vaccines and cures, operated fraudulent charity drives, delivered malware, or hosted various other types of scams,” according to a statement.
“To attract traffic, these websites often utilized domain names that contained words such as ‘covid19,’ or ‘coronavirus.’ In some cases, the fraudulent sites purported to be run by, or affiliated with, public health organizations or agencies,” it added.
Law enforcement and several private-sector companies – including several internet domain providers and registrars – cooperated in the effort to disrupt the efforts of the cybercriminals, the feds said.
Among the illegal coronavirus-related sites was one pretending to solicit and collect donations for the American Red Cross and others that spoofed government programs to trick people into entering personally identifiable information.
“Multiple federal agencies have worked to analyze the complaints, investigate ongoing fraud, phishing, or malware schemes, and assemble vetted referrals,” the DOJ said.
“Agencies have sent hundreds of these referrals to the private-sector companies managing or hosting the domains. Many of those companies, in turn, have taken down the domains after concluding that they violated their abuse policies and terms of service, without requiring legal process.”
Assistant Attorney General Brian Benczkowski of the Justice Department’s Criminal Division said in a statement: “The department will continue to collaborate with our law enforcement and private sector partners to combat online COVID-19 related crime. We commend the responsible internet companies that are taking swift action to prevent their resources from being used to exploit this pandemic.”
In the first three months of 2020, there were at least 2,022 malicious and 40,261 “high-risk” newly registered websites and domains, according to Palo Alto Networks, which tracked a total of 116,357 coronavirus-related domain names, Forbes reported.
Cybersecurity researchers labeled domains malicious when they were either conducting phishing expeditions to try and swipe users’ personal data and passwords, or if they were serving malware, according to the news outlet.
There was a 569 percent spike in registrations of such sites between February and March, according to the researchers.
Many sites hosting malware targeted Windows users, but several also have attacked Android users, Forbes reported.
Many fakes sites focused on in-demand supplies, such as allsurgicalfacemask.com and selectsanitizer.com, while other bogus sites pretended to be online pharmacies, such as covid19-remedy.com, rxcovid.com and anticovid19-pharmacy.com, the outlet reported.
Not only were they promising unproven treatments, they also were pushing a myriad of other medications like Viagra and other drugs unrelated to COVID-19.
“People should be highly skeptical of any emails or newly-registered websites with COVID-19 themes, whether they claim to have information, a testing kit, or a cure. Special care should be taken to examine domain names for legitimacy and security, such as ensuring it is the legitimate domain,” the Palo Alto researchers said.
“Similar care should be taken with any COVID-19 themed emails – a look at the sender’s email address often reveals the content is likely not legitimate, as it’s either unknown to the recipient, mis-spelled, or suspiciously long with random seeming characters,” the cybersecurity company added, according to Forbes.
If you think you are a victim of a fraud or attempted fraud involving COVID-19, call the National Center for Disaster Fraud Hotline at 1-866-720-5721 or email at firstname.lastname@example.org. If it is a cyber scam, submit your complaint through https://www.ic3.gov.