← Back to all briefings

Cybersecurity · Credibility 40/100 · · 5 min read

Cybersecurity Briefing — DOJ, FBI, and Secret Service cut down hundreds of COVID-19 scam domains

Justice Department, FBI, Secret Service, and domain registrars jointly dismantled hundreds of pandemic-themed scam sites, giving CISOs a roadmap for takedown escalation, cross-sector intelligence sharing, and remote-work fraud monitoring.

Executive briefing: DOJ’s Criminal Division, the FBI, Secret Service, and multiple registrars have already dismantled hundreds of COVID-19 scam domains that impersonated health agencies, stimulus portals, and charities. The task force is treating domain abuse as a joint cyber fraud problem—triaging IC3 complaints, forwarding enriched leads to registries, and demanding that enterprises rapidly pull malicious look-alike sites before they siphon payments or drop malware.

Immediate response steps for CISOs

  • Stand up registrar escalation playbooks. Mirror DOJ’s approach by compiling registrar abuse contacts, formatting takedown requests with screenshots and WHOIS data, and rehearsing how to push emergency suspensions when spoofed COVID-19 infrastructure appears.
  • Instrument pandemic-themed detection. Sweep DNS, proxy, and email telemetry for domains that blend “covid19,” “coronavirus,” or “stimulus” with brand terms, then feed suspicious hits to security operations and legal for rapid containment.
  • Wire IC3 reporting into the SOC. Train fraud and help-desk teams to file complaints with the Internet Crime Complaint Center so the national task force can correlate your findings with other victims in real time.

Build longer-range resilience

  • Coordinate with business units. Align marketing, HR, and crisis-communications teams on approved COVID-19 domains so employees and customers can quickly spot look-alikes.
  • Expand intelligence sharing. Push malicious URLs, hosting indicators, and registrar case numbers into ISAC channels so peers can watch for the same campaigns before they mutate.
  • Test user awareness. Blend pandemic-themed lures into phishing simulations and publish weekly fraud bulletins to keep remote staff wary of spoofed relief programs.

Source excerpts

Primary — scale of takedowns: “Federal authorities announced today that an ongoing cooperative effort…has disrupted hundreds of internet domains used to exploit the COVID-19 pandemic to commit fraud and other crimes.”

DOJ — Disruption of Hundreds of Online COVID-19 Related Scams

Primary — complaint volume: “As of April 21, 2020, the FBI’s Internet Crime Complaint Center (IC3) has received and reviewed more than 3,600 complaints related to COVID-19 scams… To attract traffic, these websites often utilized domain names that contained words such as ‘covid19,’ or ‘coronavirus.’”

DOJ — Disruption of Hundreds of Online COVID-19 Related Scams
  • COVID-19
  • IC3
  • domain-takedowns
Back to curated briefings