A trio of Democratic senators sent letters to some of the largest website domain registrars this week asking them to fight against bad actors registering coronavirus websites to use for phishing, installing malware, or other malicious activity.
Sen. Mazie Hirono (D-Hawaii), Sen. Cory Booker (D-N.J.), and Sen. Margaret Hassan (D-N.H.) sent letters to GoDaddy, Dynadot, Donuts Inc., Namecheap, DreamHost, and other website domain registrars, citing research that showed a spike in coronavirus-related domain names increasing since January.
“We write regarding recent reports that cybercriminals are registering domain names that include references to the coronavirus or online communications platforms in widespread use at this time of social distancing—such as Zoom, Google Classroom, and Microsoft Teams—to conduct ‘phishing’ schemes, install malware, spread misinformation about the virus, or otherwise take advantage of Internet users,” the senators’ letter reads.
“As people the world over turn increasingly to the internet for information about the coronavirus and use online applications to work, learn, and keep in contact with friends and family, it is imperative that domain name registrars not turn a blind eye to such illicit activity but, rather, act to protect the Internet-using public,” the senators wrote.
Hirono, Booker, and Hassan cite several studies that showed an increase in coronavirus domain names in recent months. One study, from intelligence firm Recorded Future, found that more than 1,000 domain names were registered daily by the end of February.
Another study cited by the senators by Check Point showed an uptick in phishing websites related to videoconferencing software like Zoom, Google Classroom, and Microsoft Teams. They also pointed out that studies showed coronavirus-related websites were 50 percent more likely to be malicious than other domains registered between January and March.
The senators called on the domain registrars to ensure that only “legitimate organizations can register coronavirus-related domain names,” and to cancel domains that were involved in malicious activity.
The letter also asks the companies to answer a series of questions including how they make sure those seeking domains are real people and if they have any additional steps for domains with words like “coronavirus,” “covid,” “pandemic,” and names of medicine, among numerous others.
The senators requested answers from the registrars by April 20.
Last month, a number of fake versions of coronavirus maps showing the spread of the virus were found to contain malware.