Skip to main content

Huge rise in phishing domains since Covid vaccines began

(Image credit: Image Credit: Atm2003 / Shutterstock)

The number of malicious Covid-19-related domains has spiked dramatically since the vaccines were announced (opens in new tab) and began rolling out.

This is according to a new report from cybersecurity experts at Webroot, which states that more than 4,500 new suspicious domains were discovered in the month after vaccines were announced, containing keywords such as "Covid-19", "corona", "vaccine" and "cure Covid".

Almost a thousand (934) domains specifically included the word “vaccine” in the title, the report said, while 611 contained a misspelled variant. Almost 2,300 domains had “Covid” in the title, while 622 included the words "test" or “testing”.

Between December 8 and January 6, Webroot says the use of the word "vaccine" in suspicious domain names rose by 336 percent, compared to March 2020, and 94.8 percent over last November.

Cybercriminals have been using the Covid-19 pandemic to spread malware and steal sensitive data (opens in new tab) in various ways. One tactic includes creating fake websites that prompt victims to sign up to get a vaccine, purchase specialized protective gear or receive updates on the vaccine rollout. Instead, victims are infected with malware or have their personal and payment data stolen.  

Sead Fadilpašić
Sead Fadilpašić

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.