As many as 1,200 COVID-related domains are still registered each day
Phishing campaigns related to COVID-19 are becoming more targeted and difficult to identify as the pandemic progresses, a new report from privacy advocacy group ProPrivacy suggests. The project, conducted in partnership with VirusTotal (Alphabet) and WHOIS XML, analyzed more than 600,000 domains to accurately track malicious activity throughout the pandemic. It found that the number of phishing domains being registered peaked in late March, but activity remains high with as many as 1,200 domains still being registered each day. To date, the project has identified more than 125,000 domains labeled as malicious, the vast majority of which are used for phishing activity.
- As many as 1,200 COVID-related domains are still registered each day
- ‘Mask’ has been the most common keyword theme amongst sites, with ‘Testing’ and ‘Zoom’ also featuring prominently
- Threat intelligence vendors and registrars will struggle to detect new vectors
- GoDaddy is the most abused web hosting provider for COVID-related campaigns. Having hosted over 30,000 potentially harmful domains, amounting to 37% of our database
- Amateur scammers benefit from the ability to purchase ‘phishing for beginners’ software on the dark web