The U.S. Attorney's Office for the District of Maryland has taken possession of two domain names claiming to be the websites of actual biotech companies Moderna and Regeneron but instead were fraudulent websites that allegedly stole users' info for phishing and malware attacks.
Six details:
1. The two domains, "mordernatx.com" and "regeneronmedicals.com," claimed to be developing treatments for COVID-19 but actually were collecting the personal information of individuals visiting the sites, according to the Dec. 18 news release issued by the U.S. Attorney's Office.
2. The website creators then used the personal information for fraud, phishing attacks and to deploy malware, officials alleged. Individuals who visit the sites now will see a message that states the site has been seized by the federal government.
3. Officials began investigating the fraudulent websites in early December after corporate security for one of the companies found the spoof website and contacted Homeland Security Investigations. The other spoof website was discovered during an ongoing HSI operation targeting malicious websites.
4. The Moderna spoof website displayed the same name and trademarked logos as the company, and individuals who clicked on the webpage's "Contact Us" tab were redirected to an entry form that requested information including name, company, title, phone and email.
5. The Regeneron spoof website's subject domain name contained two email addresses and a phone number not found on the official company's website.
6. The fake Regeneron website's "Contact Us" page directed "healthcare professionals, patients or caregivers requesting specific product information, reporting an adverse event or reporting a product complaint" to contact the medical department at a Voice over IP number.