New York Attorney General asks domain registrars to crack down on coronavirus scam sites

New York Attorney General asks domain registrars, including GoDaddy, and Namecheap, to crack down on coronavirus scam sites.

The Coronavirus-themed attacks continue to increase, experts warn of thousands of COVID-19 scam and malware sites are being created every day.

The New York Attorney General asks GoDaddy, Namecheap, Register.com, and Endurance International Group and other domain registrars to crack down on Coronavirus scam sites.

In recent weeks, we observed that threat actors are creating thousands of coronavirus-themed websites on a daily basis.

The sites are employed in a broad range of attacks, including phishing attacks, frauds, and malware-based attacks.

Since February, we are observing thousands of new Coronavirus-related domains containing keywords like Coronavirus, COVID19, COVID, pandemic, vaccine, virus.

The security researcher who goes online by the name of DustyFresh is one of the experts that monitored the alarming trend.

The expert published a list containing thousands of COVID19-related domains created between March 14 and March 18, most of them potentially malicious.

The list only analyzed sites containing the word “coronavirus,” clearly extending the search for other terms (i.e. COVID19, vaccine, etc.) and to a longer period, we can find tens of thousands similar websites.

Similar research was conducted by researchers from security firm RiskIQ that shared several lists of COVID19-related malicious domains.

Data reported by RiskIQ are disconcerting, the experts observed more than 13,500 suspicious domains on March 15 and more than 35,000 domains on March 16.

Malicious websites include the likes to websites selling fake cures, fake vaccines, or sites peddling malware disguised as coronavirus-related apps.

According to ZDnet, New York Attorney General Letitia James sent open letters to six internet’s largest registrars asking to implement additional checks for requests of registration of COVID-19 and coronavirus-related domains.

“The Office of the New York Attorney General (NYAG) is investigating the registration and use of coronavirus-related domains for the purposes of deceptive advertising, phishing schemes and malware dissemination. These activities may violate a number of laws, including but not limited to General Business Law § 349, Executive Law § 63(12), and the Computer Fraud and Abuse Act (CFAA), as well as your terms of service for domain registration.” reads the letter sent by the NYAG and shared by ZDnet.

Below the actions suggested by the NYAG:

• The use of automated and human reviews for all newly registered coronavirus-related domain names
• The establishing of a special channel for authorities and the general public to report coronavirus-related scam sites
• The de-registration of all reported domain names
• The deployment of systems to halt the registration of coronavirus-related domains
• The deployment of systems to block the rapid registration of coronavirus-related domains
• Updating terms of service to add clauses for “aggressive enforcement for the illegal use of coronavirus domains”

The COVID19 outbreak is sustaining an unprecedented demand in hygiene products, surgical masks, and drugs that could care the COVID infection. Most of the above websites were created to illegally offer the above products.

The Europol announced the result of an international operation, dubbed Operation Pangea, has brought together police from over 90 countries in a bid to stem a rising flood of criminal enterprises relating to COVID-19. 

The Europan agency has seized €13 million in drugs that were illegally offered for sale to users concerned about the Coronavirus outbreak. 

Operation Pangea was the result of the collaboration of police from over 90 countries.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – COVID, cybercrime)

[adrotate banner=”5″]

[adrotate banner=”13″]