According to reports, cybercriminals are creating thousands of Coronavirus-related websites each day in an attempt to trick victims with a variety of scams—from phishing attacks to malware distribution to financial fraud. Learn about these scam tactics and how to better detect and avoid them.
Thousands of Coronavirus-Related Websites Launch Daily—Many Are Scams
Cybercriminals are reportedly registering large numbers of potentially malicious websites as they try to cash in on the Coronavirus pandemic.
Experts estimate that thousands of new domains are launching daily that contain terms like Coronavirus, COVID, pandemic, virus, or vaccine. Some of the websites could be legitimate, but experts believe that many of the domains are being used for online fraud.
Examples of fraudulent Coronavirus-related websites include:
- Scam stimulus-themed websites that attempt to steal victims’ money or personal information
- Websites that claim to offer Coronavirus vaccines or test kits (The Food and Drug Administration states that there are currently no FDA-approved products to prevent COVID-19.)
- Websites used to promote fraudulent COVID-19 treatments, such as teas, essential oils, and tinctures
- Online sellers of bogus in-demand products, like cleaning and medical supplies that are never delivered
- Websites impersonating organizations, such as the Centers for Disease Control and Prevention (CDC)
- Fake charity websites
Scam Coronavirus Tracker Maps Imitate Legitimate Ones
Researchers have identified several fake COVID-19 tracker maps that lure victims in with the promise of tracking the spread of the virus. According to the Federal Trade Commission (FTC), some scammers have even used real information, such as the interactive dashboard of Coronavirus infections from Johns Hopkins University, to spread password-stealing malware.
The scam may start with hackers promoting links to malicious websites disguised as COVID-19 tracking maps through email or social media. When individuals visit the sites, they may be directed to open an applet that can infect their device with malware that steals data like login credentials and banking details.
Hackers May Mimic Popular Streaming Websites
Experts estimate that more than 700 fake websites have been created that mimic streaming service signup pages, like Netflix and Disney+. The goal of these sites is to collect personal information from consumers who may be spending more time at home.
These convincing spoof websites often entice victims with an offer of a free subscription and then steal valuable data, such as names, addresses, and credit card details.
Tips to Avoid Scam Coronavirus Websites and Virus Trackers
The FDA advises consumers to be cautious of websites and stores selling products that claim to prevent, treat, or cure COVID-19. (There are no FDA-approved products to prevent COVID-19.)
The FBI states that individuals should always verify the web address of legitimate websites, as well as manually type the address into a browser. It’s also best to check for misspellings or wrong domains within a link, such as an address that should end in a ".gov" but instead ends in “.com."
Experts advise individuals to use only verified COVID-19 tracking maps in order to avoid malware.
If You Think You Have Been a Victim of a Coronavirus-Related Scam
- If you believe you have been the victim of a Coronavirus-related scam, report it to the FBI’s Internet Crime Complaint Center (IC3) at www.ic3.gov. The FTC also recommends that individuals report any scams or suspicious claims at ftc.gov/complaint.
- If you believe you have been sold counterfeit products, report it to the FBI’s IC3 at www.ic3.gov, as well as to the National Intellectual Property Rights Coordination Center at www.iprcenter.gov.
Additional Resources
- According to the FBI’s IC3, the best sources for authoritative information on COVID-19 are www.cdc.gov and www.coronavirus.gov.
- To keep up-to-date on what the FTC is doing regarding Coronavirus-related scams, visit the agency’s Coronavirus Scams web page.