05 May 21, 15:02
Quote:Federal law enforcement in Maryland has shut down a fraudulent website targeting immigrant communities that claimed to be for a company developing a COVID-19 vaccine. Instead, the site was stealing information from people with the purpose of using it for future cybercriminal activity.
The U.S. Attorney’s Office for the District of Maryland, working with Homeland Security Investigations (HSI) in Baltimore, seized “Freevaccinecovax.org,” “which purported to be the website of an actual biotechnology company developing a vaccine for the COVID-19 virus,” according to a release on the office’s website posted earlier this week.
Instead, the site was collecting personal information from people who visited it “in order to use the information for nefarious purposes, including fraud, phishing attacks, and/or deployment of malware.”
The site used trademarked logos for Pfizer, the World Health Organization (WHO) and the United Nations High Commissioner for Refugees (UNHCR) on its home page to dupe visitors into thinking it was a legitimate site, according to the release. It collected visitor information by using a drop-down menu asking people to select their city and then apply for information by downloading a PDF file to their computers.
The PDF that the site offered to users was written in Cyrillic, suggesting that fraudsters were targeting immigrant communities of people from former Soviet countries of Belarus, Khazakstan, Russia, Turkmenistan and Ukraine, who use Cyrillic script in their native languages. A domain analysis conducted by HSI indicated the domain name was created on April 27, using an IP address located in Strasbourg, France and a registrant country listed as Russia.
“It’s a scary thought but what HSI wants the public to understand is, all a bad guy needs to defraud thousands of Americans in search of COVD-19 information is the ability to create a website combined with malicious intent,” said James Mancuso, special agent in charge for the HSI Baltimore Field Office. “We must make an example of these perpetrators in order to deter others from committing these crimes against an unsuspecting and vulnerable internet user.”
Read more: Feds Shut Down Fake COVID-19 Vaccine Phishing Website | Threatpost