ProPrivacy released the results of its Covid-19 Malicious Domain Report, which is conducted in partnership with Google unit VirusTotal and WhoisXML. ProPrivacy analyzed over 600,000 Covid-19 related domains to find malicious activity. According to the report, there are thousands of phishing domains and still, as many as 1,200 domains are being registered each day. According to the report, over 125,000 domains are labeled as malicious, most of them are used for phishing activity. The report also shows that malicious activity was spiked during mid-March, shortly after WHO declared the pandemic.
COVID-19 fraud sites
ProPrivacy also stated that thousands of domains resolved to single IPs. The most abused IP in the dataset belongs to GoDaddy in Arizona. The IP was associated with 3,285 domains gathered during the study. Unsurprisingly, service providers with most malicious Covid-19 related domains are GoDaddy, Google, Namecheap, Shopify, and Amazon. Registrars have been taking decisive action to combat malicious activity. GoDaddy said in a statement:
“To date, our teams have already investigated and removed COVID-19 fraud sites in response to reports, and our vigilance will continue long after the COVID-19 crisis comes to an end. We’ve equipped our teams with the tools and technologies they need to promptly investigate any and all reports of abuse.”