Maryland Feds Shut Down Covid-19 Vaccine-Themed Phishing Website

Saturday, May 8th, 2021 | , ,

Maryland based Federal law enforcement officers shut down a fraudulent website targeting immigrant-communities that claimed to be for a company developing a Covid-19 vaccine. Instead, the site was used as a phishing lure to steal information from people with the purpose of using it for future cybercriminal activity.

The U.S. Attorney’s Office for the District of Maryland, working with Homeland Security Investigations (HSI) in Baltimore, seized “,” “which purported to be the website of an actual biotechnology company developing a vaccine for the COVID-19 virus,” according to a release on the office’s website posted earlier this week. Instead, the site was collecting personal information from people who visited it “in order to use the information for nefarious purposes, including fraud, phishing attacks, and/or deployment of malware.”

The site used trademarked logos for Pfizer, the World Health Organization (WHO) and the United Nations High Commissioner for Refugees (UNHCR) on its home page to dupe visitors into thinking it was a legitimate site, according to the release. It collected visitor information by using a drop-down menu asking people to select their city and then apply for information by downloading a PDF file to their computers.

The PDF that the site offered to users was written in Cyrillic, suggesting that fraudsters were targeting immigrant communities of people from former Soviet countries of Belarus, Kazakhstan, Russia, Turkmenistan, and Ukraine, who use Cyrillic script in their native languages. A domain analysis conducted by HSI indicated the domain name was created on April 27, using an IP address located in Strasbourg, France and a registrant country listed as Russia.

Clicking on the site now greets users with a message that the site has been seized by the federal government and redirects them to another site for additional information. Seizing the site also means that third parties cannot use the name and use it to commit additional crimes, according to the feds.

Share this: