Coronavirus related domain names have become the new paradise for scammers and fraudsters. A report by Palo Alto’s Unit 42 researchers published in May found that more than 86,600 domains out of the 1.2 Million newly registered domain names with keywords related to the coronavirus outbreak from March 9 to April 26, 2020 were classified as risky or malicious. On an average, 1,767 such domains were registered every day in the given time period.
While efforts have been undertaken to identify and suspend such websites, the fraudsters as such leave unharmed. Lawmakers in the US have been steadily demanding access to the database of domain name owners, to hold them accountable. Following the implementation of the European Union’s General Data Protection Regulation two years ago, domain name registrars and the ICANN decided to redact personal information found in the WHOIS database worldwide, lest the listings be seen as a privacy violation. This expansive privacy law is adding hurdles for investigators trying to find out the real faces behind the scams.
Some registrars said that they used certain tools to rule out potential scamsters at the time of registration. For example, InMotion Hosting Inc., in its letter to the senators, said that it cross-references the contact information provided at the time of registration with data available in the public to address potential criminal activity. Name.com Inc. (Donuts Inc.’s registrar) said it uses a variety of internal and external tools from IBM Corp. and other companies to identify such behaviours among its customers.
Even consumer advocates, who usually follow a strict pro-privacy agenda, say that in cases like these, law enforcement officials ought to be fully equipped to protect Americans given how quickly domain name related scams come up.