Skip to main content

Huge rise in phishing domains since Covid vaccines began

internet
(Image credit: Image Credit: Atm2003 / Shutterstock)

The number of malicious Covid-19-related domains has spiked dramatically since the vaccines were announced and began rolling out.

This is according to a new report from cybersecurity experts at Webroot, which states that more than 4,500 new suspicious domains were discovered in the month after vaccines were announced, containing keywords such as "Covid-19", "corona", "vaccine" and "cure Covid".

Almost a thousand (934) domains specifically included the word “vaccine” in the title, the report said, while 611 contained a misspelled variant. Almost 2,300 domains had “Covid” in the title, while 622 included the words "test" or “testing”.

Between December 8 and January 6, Webroot says the use of the word "vaccine" in suspicious domain names rose by 336 percent, compared to March 2020, and 94.8 percent over last November.

Cybercriminals have been using the Covid-19 pandemic to spread malware and steal sensitive data in various ways. One tactic includes creating fake websites that prompt victims to sign up to get a vaccine, purchase specialized protective gear or receive updates on the vaccine rollout. Instead, victims are infected with malware or have their personal and payment data stolen.