As if there wasn’t enough to worry about with the new coronavirus, cybercriminals around the globe are exploiting the public’s interest in the epidemic to spread malicious activity.

As the virus spreads across the globe, people are on the lookout for the latest information and updates on how it might affect them. Fraudsters are typically quick to take advantage of such public concerns, with the coronavirus serving them well as an enabler for their activities, such as:

  • Domaingrabbing
  • Phishing emails
  • Fakeshops

The objectives are well known: large profit margins through lucrative resales, stealing sensitive information and luring people into downloading a different kind of virus, or selling goods that are never dispatched.

Cybercriminals are waiting in the wings

A look at the domain registrations that precede these activities shows what impact the current outbreak has on the domain business. More than 1.000 coronavirus-themed domain names were registered since the World Health Organization (WHO) officially named the deadly disease COVID-19 on the 11th of February – not to mention the domain names connected to health-related organizations. Although many of the newly registered domains may contain relevant information, the number of unreported cases of misuse is high.

The .com domains matching the new name of coronavirus were registered before even the first news reports emerged.

The speed at which cybercriminals act is particularly impressive; only one minute after the WHO made the accouncement at a press conference in Geneva, including an official tweet, the domain were registered, followed by the hyphen version three minutes later.

In response to the persistent phishing activities, the WHO even put out a warning about coronavirus email scams on its website. Phishing emails are ones that appear to be from trusted source, tricking you into providing sensitive information, downloading malware, or clicking a link to a website that can do either. In the case of the WHO, scammers use coronavirus warnings from apparant WHO representatives as a veil for these attacks.

The current malicious events are an indicator of the speed of action within the domain industry, and are a warning shot for companies to protect themselves from the lurking dangers at all times. In addition to the well-known seasonal themed spam campaigns such as recent Valentine’s day, cybercriminals are waiting in the wings for potential public phenomena to pop up to take advantage for their own gain in the ever-evolving digital world.

Top 10 coronavirus-themed domain terms

Term Registrations
coronavirus 343
covid19 199
coronavirusinfo 40
coronavirusvaccine 38
thecoronavirus 36
coronaviruses 36
stopcoronavirus 34
covid19virus 32
coronavirusnews 32
covid19info 21 | Updated 10.03.2020