By Kaylee Greenlee
Fraudulent websites used similar names, trademarked logos and graphics as biotechnology companies developing COVID-19 vaccines to steal personal information from users, Immigration and Customs Enforcement (ICE) announced Friday.
Domain names “mordernatx.com” and “regeneronmedicals.com” were seized after ICE’s Homeland Security Investigations (HSI) officials learned the websites were collecting personal data from users. An investigation revealed that the websites were using this information to commit fraud, phishing attacks, and deploy phishing such as viruses and spyware.
“Under Operation Stolen Promise, ICE HSI utilized its broad investigative authority to protect consumers from the increasing and evolving threat posed by COVID-19-related fraud and criminal activity,” ICE’s Homeland Security Investigations Executive Associate Director Derek N. Benner said in a statement, adding, “HSI’s focus has expanded to combat the next wave of anticipated fraud related to the COVID-19 vaccine and other treatments.
People who visit the sites will receive a message that the domains were seized by the federal government via a warrant issued by the U.S. Court for the District Court of Maryland.
“These individuals took advantage of fear during the global pandemic and attempted to steal personal information for nefarious purposes,” HSI Baltimore Special Agent in Charge John Eisert said in a statement.
An investigation into the websites began in December 2020 after one of the company’s corporate security found one of the fake domains. The other domain was found by an ongoing ICE HSI operation that focuses on publicly available websites that seem suspicious.
“Mordernatx.com” was reported on Dec. 10 by the global head of corporate security for Moderna, a biotechnology company based in Cambridge, Mass., whose COVID-19 vaccine was approved for emergency use by the Food and Drug Administration Friday.
The fraudulent website looked nearly identical to Moderna’s official website, though there was a slight spelling error in the company name. Personal information was collected by a company based in Kuala Lumpur, Malaysia, through an online form on the “contact us” tab.
“Regeneronmedicals.com” was detected on Dec. 9 by an ongoing HSI ICE investigation. The fraudulent domain was visually similar to a company based in Westchester County, N.Y., that received emergency authorization from the FDA to distribute a COVID-19 antibody cocktail used to treat patients.
The fraudulent website contained a Voice over IP number and two email addresses not on the official website. The domain was registered to an individual in Onitsha Anambra, Nigeria.
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact email@example.com.