The U.S. Department of Justice is expanding its efforts to counteract a huge surge in internet scams related to the coronavirus pandemic.
Federal officials announced Wednesday that ongoing cooperation between the government and a range of technology companies has resulted in the removal of hundreds of websites that included “coronavirus,” “covid19” and related phrases in their names. The goal, the Justice Department said, is to curb fraudulent sites that prey on pandemic anxieties to distribute malware, solicit donations or steal personal data.
The FBI has received and reviewed more than 3,600 complaints related to coronavirus scams, mostly in connection with fake cures and fraudulent vaccines, the Justice Department said in a press release. Bureau officials previously estimated that the Internet Crime Complaint Center receives between 3,000 and 4,000 complaints per day, up from a prior average roughly 1,000 per day, though not all alerts are regarding the pandemic.
“For cybercriminals there was this brief shining moment when we hoped that, ‘Gosh, cybercriminals are human beings too, and maybe they would think that targeting or taking advantage of this pandemic for personal profit, that might be beyond the pale,’” Tonya Ugoretz, deputy assistant director of the FBI’s cyber division, said during a recent panel. “Sadly that has not been the case.”
The bureau did not disclose the nature of its cooperation with private sector firms in the recent shutdowns, other than to say it alerted domain registrars to URLs that were poised for use in phishing operations.
A malicious website masquerading as the American Red Cross to ask for donations, websites posing as U.S. government sites to collect Americans’ personal data and an apparent homepage for a Brazilian brewery that hackers used to send out malware were among the pages taken down, according to the announcement Wednesday.
In a memo sent to all U.S. attorneys in March, Attorney General William Barr urged prosecutors to prioritize investigations into apparent scammers trying to make a profit by exploiting the coronavirus, or the ensuing fallout.
Since then, attackers have leveraged the pandemic to spread propaganda, steal victims’ personal data in phishing attacks, disguise malicious app activity and try to breach U.S. military networks, among other goals.
The department included an updated list of best practices for avoiding fraud on its website.