Fraudulent websites used similar names, trademarked logos and graphics as biotechnology companies developing COVID-19 vaccines to steal personal information from users, Immigration and Customs Enforcement announced Friday.
Domain names “mordernatx.com” and “regeneronmedicals.com” were seized after Immigration and Customs Enforcement Homeland Security Investigations (HSI) officials learned the websites were collecting personal data from users, according to Immigration and Customs Enforcement (ICE). An investigation revealed that the websites were collecting personal data from visitors to commit fraud, phishing attacks, and to deploy malware such as viruses and spyware.
“Under Operation Stolen Promise, ICE HSI utilized its broad investigative authority to protect consumers from the increasing and evolving threat posed by COVID-19-related fraud and criminal activity,” ICE’s Homeland Security Investigations Executive Associate Director Derek N. Benner said in a statement.
“Now, under Operation Stolen Promise 2.0, HSI’s focus has expanded to combat the next wave of anticipated fraud related to the COVID-19 vaccine and other treatments,” Benner added.
Prosecutors say the websites collected visitors’ personal information. That data could be used later for fraud, phishing attacks or the deployment of malware. https://t.co/4K0axQbLFb
— WBAL NewsRadio 1090 and FM 101.5 (@wbalradio) December 19, 2020
People who visit the sites will receive a message that the domains were seized by the federal government via a seizure warrant issued by the U.S. Court for the District Court of Maryland.
“These individuals took advantage of fear during the global pandemic and attempted to steal personal information for nefarious purposes,” HSI Baltimore Special Agent in Charge John Eisert said in a statement.
An investigation into the websites began in December 2020 after one of the company’s corporate security found one of the fake domains, according to ICE. The other domain was found by an ongoing ICE HSI operation that focuses on publicly available websites that seem suspicious.
“Mordernatx.com” was reported on Dec. 10 by the global head of corporate security for Moderna, a biotechnology company based in Cambridge, Massachusetts, whose COVID-19 vaccine was approved for emergency use by the Food and Drug Administration Friday, according to ICE and the FDA.
The fraudulent website looked nearly identical to Moderna’s official website, though there was a slight spelling error in the company name, according to ICE. Personal information was collected by a company based in Kuala Lumpur, Malaysia, through an online form on the “contact us” tab. (RELATED: FDA Grants Moderna’s Coronavirus Vaccine Emergency Authorization)
“Regeneronmedicals.com” was detected on Dec. 9 by an ongoing HSI ICE investigation, according to ICE. The fraudulent domain was visually similar to a company based in Westchester County, New York, that received emergency authorization from the FDA to distribute a COVID-19 antibody cocktail used to treat patients.
The fraudulent website contained a Voice over IP number and two email addresses not on the official website, according to ICE. The domain was registered to an individual in Onitsha Anambra, Nigeria.
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact firstname.lastname@example.org.