+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Thousands of shady websites with 'coronavirus' or 'covid' in their domain have popped up since January - and it reflects how eagerly scammers are trying to cash in on the epidemic

Apr 3, 2020, 20:22 IST
AP Photo/Mark Schiefelbein
  • Since January, there has been an exponential rise in the number of websites with domain names mentioning "coronavirus," "COVID," and "COVID-19," according to a new report.
  • Over 48,000 such domains have been registered this year. While some are legitimate sites, researchers have identified many that are malicious, and others that are empty sites "parked" on domains that could potentially be sold later.
  • The trend provides one way to quantify the lengths that scammers and shady companies are going to in order to profit from the coronavirus epidemic.
  • Visit Business Insider's homepage for more stories.

By the end of 2019, there was just one certified website on the web that conatined "COVID" in its URL, belonging to an Arizona-based electronics manufacturer by that name.

By the end of March, more than 42,000 websites with domains containing "COVID" and "corona" had been created, according to a new report from cybsecurity research firm Sophos Labs. Researchers say the bulk of the domains are either actively malicious or suspicious.

Like a surge in coronavirus-related phishing scams, the steep rise in newly-registered domains reflects shady actors' willingness to cash in on people's fears and the desire for information about the epidemic. Researchers have been combing through the newly-registered domains to identify active scams, and have already gotten hosts like WordPress to remove fraudulent sites.

"Over the past 10 days, we've found 25 COVID-19 related URLs that were actively being used for phishing, malware staging or as a phone-home server for malware," Sophos senior researcher Sean Gallagher told Business Insider. "While a fraction of the total, it's still a significant number. When they are used for phishing attacks, they usually go dormant quickly after they're detected."

Advertisement

Sophos

Some of the malicious sites are longstanding pharmaceutical scam sites that have been "re-wrapped" to catch the attention of people searching for coronavirus treatments. Others link to malware that holds victims' computer systems for ransom until they pay a price.

The majority of the new domains are empty sites that have been "parked" at coronavirus-related URLs, which could be sold to the highest bidder. Some are extraneous, while others are oddly specific - one URL logged by Sophos is "coronavirusshaquilleoneal[.]com."

Read the full report from Sophos Labs here.

Do you have a personal experience with the coronavirus you'd like to share? Or a tip on how your town or community is handling the pandemic? Please email covidtips@businessinsider.com and tell us your story.

And get the latest coronavirus analysis and research from Business Insider Intelligence on how COVID-19 is impacting businesses.

NOW WATCH: How social distancing during the COVID-19 pandemic looks from a satellite

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article