Feds Target Hundreds of Online Scams Aimed at Exploiting COVID-19 Pandemic

April 22, 2020 Updated: April 22, 2020

The Justice Department (DOJ) said on Wednesday that it had disrupted hundreds of internet domains that cybercriminals have used to commit fraud and other crimes related to the COVID-19 pandemic.

Federal authorities, law enforcement, and a number of private-sector companies, including multiple internet domain providers and registrars, worked cooperatively to investigate and take action against fraudsters that aimed to exploit the concerns of the CCP (Chinese Communist Party) virus, the department said.

This comes after the FBI’s Internet Crime Complaint Center received and reviewed over 3,600 complaints related to COVID-19 scams as of Tuesday. Many of these scams originated from websites that offer fake vaccines and cures for treating the virus, conducted fake charity drives, delivered malware, or hosted various other types of scams, the department said.

The websites often contain the words “covid19,” or “coronavirus” in their domain name or claim to be run by or affiliated with public health organizations or agencies in order to attract traffic.

Among the illicit websites was one that pretended to solicit and collect donations to the American Red Cross for COVID-19 relief efforts. Other sites spoofed government programs to trick Americans into entering personally identifiable information such as banking details.

Epoch Times Photo
Cedars-Sinai charge nurse Lorraine McPherson works as employees donate blood during a blood drive held in a blood mobile outside Cedars-Sinai Medical Center in Los Angeles, Calif., on March 19, 2020. (Mario Tama/Getty Images)

“The department will continue to collaborate with our law enforcement and private sector partners to combat online COVID-19 related crime,” Brian Benczkowski, the assistant attorney general of the DOJ’s Criminal Division, said in a statement. “We commend the responsible internet companies that are taking swift action to prevent their resources from being used to exploit this pandemic.”

The officials said after complaints were analyzed and investigated, they were referred to private-sector companies managing or hosting the domains. Many of those companies have, in turn, taken down those domains after determining that the sites violated their policies and terms of service, without going through a legal process.

Meanwhile, domain registrars, registries, cybersecurity researchers, and law enforcement are all taking steps in differing degrees to counter the cybercriminals’ efforts amid the pandemic, the DOJ said.

The U.S. Secret Service (USS) field offices, the U.S. Postal Inspection Service, and the Food and Drug Administration were also involved in the efforts to halt the malicious activities online.

“Keeping pace with the growing threat of cyber-enabled COVID-19 scams requires an alliance between the private sector and our law enforcement partners to safeguard our Nation from this sort of nefarious conduct,” James Murray, Director of the USS, said in a statement.

Last month, the USS issued an alert (pdf) to warn about email scams associated with the pandemic, in particular, social engineering scams, phishing scams, non-delivery scams, and auction fraud scams.

The agency said cybercriminals are, for example, distributing emails that contain malware while posing as legitimate medical or health organizations with information about the virus. After the victims open up the attachments in the emails, their computers are then infected with the malicious software.

Researchers from the software group Check Point found that almost 17,000 new CCP virus-related domains had been registered since April 2. Out of these, 2 percent of the domains were considered malicious, while 21 percent were suspicious. In total, about 68,000 CCP virus-related domains have been registered since January.

The researchers also found that more than 4,000 new internet domains related to COVID-19-related stimulus or relief packages have been registered globally since January. The number of internet domains jumped in the week starting March 16 around the time when the federal government proposed the stimulus package to taxpayers.

Follow Janita on Twitter: @janitakan