US officials shut down scam websites impersonating Moderna, Regeneron

U.S. Justice Department officials on Friday said they had seized two internet domains purporting to belong to biotechnology firms developing treatments for the coronavirus, but which really were used to collect visitors’ personal data as part of a scam.

The scammers appeared to impersonate pharmaceutical giants Moderna and Regeneron, and collected information that could be used for fraud, or to steal users’ credentials and deploy malicious software, the U.S. Attorney for the District of Maryland said.

It wasn’t immediately clear how much personal data was stolen, or how it was used, if at all. But the domain seizures are a reminder of the staggering amount of coronavirus-related fraud that has occurred this year, as crooks all over the world have exploited the pandemic to sell counterfeit pills and conduct ransomware attacks.  Americans have reported more than $211 million in losses from COVID-19-related fraud, according to the Federal Trade Commission.

In this case, U.S. officials were tipped off to one of the scams after security executives at Moderna discovered the spoofed website, the Justice Department said Friday. Both domain names were registered in December, one through a company headquartered in Malaysia, the other apparently through a resident of Nigeria, officials said.

Pharmaceutical firms have begun distributing a vaccine for the virus, which has killed more than 312,000 people in the U.S. But there is still a real risk that internet users looking for the latest information on the vaccine will be ripped off by cybercriminals.

“I urge citizens to remain vigilant,” Robert Hur, the U.S. attorney for the District of Maryland, said in a statement. “Don’t provide personal information or click on websites or links contained in unsolicited e-mails.”