Categories: SecurityWorkspace

Covid-19 Phishing Campaigns Becoming ‘More Effective’

Phishing campaigns linked to Covid-19 have become more focused and increasingly effective as the pandemic’s initial peak has passed, researchers have found.

UK-based privacy group ProPrivacy said large numbers of coronavirus-related malicious domain names are still being registered, at 700 to 1,200 per day.

Traffic to those sites is also down from a daily peak of 130,000 visits per day on 14 April to up to 80,000 per day, according to the group, which uses aggregated data from security researchers and domain registrars.

But while traffic figures may be declining, attacks are becoming more difficult to detect and more subtly manipulative, said Sean McGrath, lead researcher on the study.

credit: World Health Organisation

‘More targeted’

“The reality is that malicious actors have not given up, but are now focusing their efforts in more targeted ways,” McGrath said in the study.

Phishing campaigns are focusing on users’ “intimate concerns” such as when children will go back to school or potential job losses, increasing their “potency and efficacy”, McGrath said.

“This is the next battlefront in the digital pandemic,” he wrote.

By far the most abused hosting company is GoDaddy, which has been found to be hosting “the majority” of malicious Covid-19-related sites to date.

“Given that GoDaddy is the largest hosting provider in the world, hosting more than 15 percent of all websites, it’s not surprising that the majority of activity has transpired on their infrastructure, most of which is provided by Amazon Web Services,” McGrath wrote.

GoDaddy said it had already removed Covid-19 fraud sites in response to reports and was prepared to “promptly investigate any and all reports of abuse”.


The use of such a popular hosting company makes it difficult for system administrators to block malicious IP addresses without also barring millions of legitimate sites, ProPrivacy said.

The company noted that coronavirus-related scam emails are often far more convincing than the average spam email, with correct logos and official sites included in the message body in order to gain the target’s confidence.

Emails may appear to come from authorities such as the Centers for Disease Control and Prevention (CDC) or to use “highly convincing” fraudulent sign-in pages for web-based email clients such as Microsoft Outlook.

Two of the most common themes relate to Covid-19 test results and the availability of protective equipment such as masks, McGrath said.

He advised users to treat such messages with caution and to double-check links before clicking on them.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

NHS Covid-19 Tracing App For England, Wales, Nears Launch

Date for limited rollout of delayed NHS track and trace app for England and Wales…

2 days ago

Coronavirus: Facebook Staff To Work From Home Until July 2021

Facebook follows Google lead by extending right of staffers to work from home until July…

2 days ago

Canon Suffers Ransomware Attack, With 10TB Of Data Stolen – Report

Report suggests Canon has been crippled with a ransomware attack with allegedly 10TB of data,…

3 days ago

Uber Expands UK Reach With Autocab Buy

Amid consolidation in the taxi sector caused by Coronavirus lockdown, Uber purchases British rival Autocab…

3 days ago

TikTok Selects Ireland For First European Data Centre

Ireland to get another data centre after the Chinese-owned short video app TikTok announces first…

3 days ago