Phishing scams related to the coronavirus have become more targeted and sophisticated, tapping into people’s intimate concerns about the pandemic despite an overall drop in the number of newly registered COVID-19-related websites, a private study showed.
“These malicious campaigns have moved underground and are now addressing our most intimate concerns [on the health of families and job security]”, said Sean McGrath, lead researcher on the study from the UK-based privacy advocacy group ProPrivacy. “This is the next battlefront in the digital pandemic.”
The research comes as the COVID-19 pandemic accelerated the digitalization process across large swathes of the global economy and in the daily lives of millions due to social distancing and lock-down measures imposed to stem the spread of the virus. While this process has helped people alleviate the adverse impact of the pandemic on their work and lives, it has opened opportunities for malicious activity.
Actively malicious activity remains high with as many as 1,200 domain names being registered daily after the number of phishing domains peaked in March, the research said.
The research, which began in January and aimed to gather as many domains related to the pandemic as possible, singled out more than 125,000 malicious domains globally out of more than 600,000 domains that have been tracked and analyzed.
Conducted in partnership with Goolge’s VirusTotal and database provider WhoisXML API, the research also found that phishing activities are becoming more targeted and potent, with a sharp increase in domain registrations related to unemployment, welfare benefits, and the US stimulus package—and a marked decrease in the number of domains related to terms like “covid” and “mask”.
Questions such as “When will my children return to school?” and “Will I lose my job?” will fuel the second peak of malicious activity, McGrath said.
GoDaddy, the Arizona-based company hosting an estimated 15% of all websites, was flagged as the most abused web host, hosting a disproportionately high number of domains used for phishing activity, the research said.
GoDaddy did not immediately respond to an emailed request for comment.
This article was originally published in the South China Morning Post.