US officials shut down scam websites impersonating Moderna, Regeneron

The scammers were after data that they could use for fraud or phishing, prosecutors said.
The U.S. Department of Justice, along with other agencies seized websites promoting vaccine fraud.

U.S. Justice Department officials on Friday said they had seized two internet domains purporting to belong to biotechnology firms developing treatments for the coronavirus, but which really were used to collect visitors’ personal data as part of a scam.

The scammers appeared to impersonate pharmaceutical giants Moderna and Regeneron, and collected information that could be used for fraud, or to steal users’ credentials and deploy malicious software, the U.S. Attorney for the District of Maryland said.

It wasn’t immediately clear how much personal data was stolen, or how it was used, if at all. But the domain seizures are a reminder of the staggering amount of coronavirus-related fraud that has occurred this year, as crooks all over the world have exploited the pandemic to sell counterfeit pills and conduct ransomware attacks.  Americans have reported more than $211 million in losses from COVID-19-related fraud, according to the Federal Trade Commission.

In this case, U.S. officials were tipped off to one of the scams after security executives at Moderna discovered the spoofed website, the Justice Department said Friday. Both domain names were registered in December, one through a company headquartered in Malaysia, the other apparently through a resident of Nigeria, officials said.


Pharmaceutical firms have begun distributing a vaccine for the virus, which has killed more than 312,000 people in the U.S. But there is still a real risk that internet users looking for the latest information on the vaccine will be ripped off by cybercriminals.

“I urge citizens to remain vigilant,” Robert Hur, the U.S. attorney for the District of Maryland, said in a statement. “Don’t provide personal information or click on websites or links contained in unsolicited e-mails.”

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts