Security News > 2020 > April > Sipping from the Coronavirus Domain Firehose

Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities.

Milwaukee-based Hold Security has been publishing daily and weekly lists of all COVID-19 related domain registrations.

That's because scammers very often will establish multiple subdomains for each domain, meaning that a single COVID-related new domain registration could eventually be tied to a number of different scammy or malicious sites.

Subdomains can not only make phishing domains appear more legitimate, but they also tend to lengthen the domain so that key parts of it get pushed off the URL bar in mobile browsers.

"As cybercriminals and other malevolent actors seek to take advantage of the Coronavirus pandemic, it is critical that domain name registrars like yours exercise diligence and ensure that only legitimate organizations can register Coronavirus-related domain names and domain names referencing online communications platforms; act quickly to suspend, cancel, or terminate registrations for domains that are involved in unlawful or harmful activity; and cooperate with law enforcement to help bring to justice cybercriminals profiting from the Coronavirus pandemic," the senators wrote.

News URL

https://krebsonsecurity.com/2020/04/sipping-from-the-coronavirus-domain-firehose/