The COVID-19 crisis has had at least one predictable result: phishing artists are working overtime to victimize frightened people.
Consider these items from the past several days:
And, on Saturday, the U.S. Justice Department announced its first COVID-19 fraud action: against a defendant it identified as “coronavirusmedicalkit.com.”
The U.S. District Court for the Western District of Texas has issued a temporary restraining order against the outfit pending a hearing on a request for a preliminary injunction. Given the need to shelter in place, that could take months.
The complaint alleges that this website features a photo of Dr. Anthony Fauci, who is director of the National Institute of Allergy and Infectious Diseases, and states: “Due to the recent outbreak for the Coronavirus (COVID-19) the World Health Organization is giving away vaccine kits. Just pay $4.95 for shipping.”
Most people have had it drummed into their heads that test kits are hard to come by. But naïve parties who click on a link on this site are brought to a page showing the FedEx logo. There they are urged to provide credit card and billing information, the complaint says.
The complaint also alleges that “NameCheap, Inc. plays a critical role in the scheme by serving as the domain registrar of the website, which allows potential victims to access the website. “
NameCheap CEO Richard Kirkendall responds that the firm is "actively working with authorities to both proactively prevent, and take down any fraudulent or abusive domains or websites related to COVID19 or the Coronavirus. These actions also include banning such terms from our available domain name search tool to prevent them from being registered going forward.”
Of course, the courts may be moving slowly at this moment.
Regardless of the merits of this case, people should know better than to click on suspicious links. That goes double for people working at home who presumably have received training in cyber security.
For those who haven’t, the DOJ recommends that they: