Crime, Health, Sci-Tech

Maryland U.S. Attorney’s Office seizes 3 additional domain names associated with fraudulent COVID-19 treatments

BALTIMORE, MD—The U.S. Attorney’s Office for the District of Maryland has seized three additional domain names associated with fraudulent COVID-19 treatments.

Authorities have seized “healthbridgescience.com,” “global-pandemic-vaccines.com,” and “genobioscience.com,” all of which purported to be the websites of actual biotechnology companies developing treatments for the COVID-19 virus but instead were allegedly used to collect the personal information of individuals visiting the sites, in order to use the information for nefarious purposes, including fraud, phishing attacks, and/or deployment of malware. Individuals visiting those sites now will see a message that the site has been seized by the federal government and be redirected to another site for additional information.

The seizure of the domain names was announced by Acting United States Attorney for the District of Maryland Jonathan F. Lenzner and Special Agent in Charge James R. Mancuso of Homeland Security Investigations – Baltimore.

“We have now seized a total of eight fraudulent websites that seek to illegally profit from the COVID-19 pandemic,” said Lenzner. “We urge all Maryland residents to be skeptical – don’t provide personal information or click on links in unsolicited e-mails and remember that the COVID-19 vaccine is not for sale. The Federal government is providing the vaccine free of charge to people living in the United States. We will continue to aggressively prosecute fraudsters who seek to prey on unsuspecting residents and their families.”

“The danger with these illegitimate sites is that they can appear legitimate to the average viewer—all the more reason to exercise caution when searching for COVID-19 pandemic information,” said Mancuso. “As part of our cyber mission, HSI is committed to denying online scammers the ability to deceive and profit from the American people by exploiting the demand for vaccines and treatments.”

According to the affidavits filed in support of these seizures, these investigations began in March 2021. Homeland Security Investigations and the National Intellectual Property Rights Center received notification of two fraudulent websites, “genobioscience.com” and “healthbridgescience.com.” The third site, “global-pandemic-vaccines.com,” was discovered by Homeland Security Investigations’ Cyber Crimes Center (C3) during ongoing investigations for malicious websites. The cases were referred to HSI Baltimore for investigation.



Specifically, HSI was notified of two fraudulent websites “healthbridgescience.com” and “genobioscience.com,” by a victim biotechnology company. The company, which was granted an FDA emergency use authorization for their COVID-19 antibody drug cocktail treatment, confirmed neither of the suspect domains were approved company websites. The fraudulent sites displayed a nearly identical theme and design as the legitimate biotechnology company except for the subsection tab information. According to the affidavit, “healthbridgescience.com” was registered on February 21, 2021 and “genobioscience.com” was registered on March 24, 2021, but no registrant or contact information is listed for either website. As stated in the affidavit, criminals who operate websites and use targeted domain names often conceal their identity when registering their domain names by redacting personal identifiers to avoid being tracked by victims or law enforcement. An HSI Cyber Operations Officer (COO) also noted the “genobioscience.com” website did not use secure communication technology, making any sensitive information shared on this website potentially compromised.

The third domain name, “global-pandemic-vaccines.com,” offered COVID-19 vaccines for sale that it claimed were manufactured by pharmaceutical companies that had been granted FDA emergency use authorization for their COVID-19 vaccines. A COO indicated that the domain was created on February 26, 2021 and its registrar organization was listed as “WhoisProtection.cc,” located in Kuala Lumpur, Malaysia, which is a privacy service used to shield a domain registrant’s actual information from being see publicly. Additionally, under the bogus website’s “Contact Us” page, the telephone number appears to be associated with a messaging application and the street address listed is the address of a restaurant and a postal shipping center located in Torrance, California. Under the spoof website’s “shop” tab, there were two counterfeit vaccinations offered for sale to the public. The fraudulent website claimed that their vaccines did not require sub-zero storage. On March 15, 2021, HSI Special Agents, acting in an undercover capacity, called the phone number listed on the fraudulent website. An unknown individual agreed to sell fifty vials of the counterfeit vaccines for $20 each with a $500 deposit, and the remaining $500 due upon receipt of the vaccine doses. The provided invoice contained payment information for a specific bank account.

By seizing these sites, the government has prevented third parties from acquiring the names and using them to commit additional crimes, as well as prevented third parties from continuing to access the sites in their present form.

Anyone who believes they may be a victim of a fraud or attempted fraud involving COVID-19 should call the National Center for Disaster Fraud Hotline at 1-866-720-5721 or visit https://www.justice.gov/coronavirus.

 


Do you value local journalism? Support NottinghamMD.com today.