Combating COVID-19 Cybercrime – What Internet Infrastructure Providers Like Afilias Are Doing

Read the original article: Combating COVID-19 Cybercrime – What Internet Infrastructure Providers Like Afilias Are Doing


Written by Dr. James Galvin, Director, Technical Standards and Strategic Relationships at Afilias.

The ongoing Coronavirus pandemic has been fertile ground for scams and misinformation. Social platforms have been in the news for their efforts to protect users from such problems. What are Internet infrastructure providers like Afilias doing to keep spammers, phishers and other criminals from preying on Internet users?

Afilias is a domain name registry company.  Domain name registries maintain the authoritative list of all names ending in a certain top-level domain or “TLD” extension (e.g., .info or .org) and provide a directory that enables the proper delivery of mail, the arrival of visitors to a website, etc.

During times of crisis, it is not unusual for new internet scams to launch. For COVID-19, scammers are in overdrive. The Australian Government is listing some great current examples (Fig. 1).

Fig.1 – Phishing Campaign using “Benefit Allocation” lure (left), Phish using virus info as lurej (right)

Most of these use a domain name (or names) as a “base of operations.”

Registries can help identify these scams and deter cyber-crime. Registry companies like Afilias (which owns .info, .pro and 20 other TLDs and provides technical services for nearly 200 more) have many years of experience identifying domain registrations that are dodgy and then mitigating any damage they may cause. Afilias’ everyday arsenal for fighting cyber-crime has been instrumental in minimizing COVID-19 related domain abuse, and includes the following:

  • Review of New Registrations: Afilias scans 100% of all new registrations, looking for the “fingerprints” of established criminals or any names flagged by industry-trusted sources. Since January, Afilias has scanned over 1 million new registrations across 200 TLDs. All in, only about a hundred names appeared to involve abuse policy violations.

    For Covid-19 specifically, fewer than 4500 virus related names have been registered in Afilias’ 22 TLDs, a trend that peaked in mid March, as shown below. Only a handful of these have been found to violate anti-abuse policies.

  • Cooperation with Covid-19 Cyber Threat Coalition(CTC): A relatively new organization, the CTC is a global volunteer community focused on defeating criminal activity during this pandemic such as attacks on critical institutions and campaigns of extortion and fraud. As a registry member, Afilias shares current intelligence, strengthening our joint ability to blunt these cynical attacks.
  • Coordination with Law Enforcement: From global law enforcement entities such as Interpol to local organizations like the US FBI, reputable registry operators have built longstanding and trusted relationships enabling information sharing that can lead to further evaluation and then action. For Covid related activity, only about a dozen Afilias sponsored names have been suspended due to joint effort with law enforcement.
  • Registrar teamwork: Since registrars work directly with domain registrants, Afilias coordinates with our registrar partners to address any suspicious registrations, e.g. registrations for which the domain name may have been compromised and could be “cleaned up” rather than eliminated. Speedy and clear communication is the key to protecting both the registrar and the public, and close coordination ensures that each suspected registrant is treated fairly and with due process. 

Registry infrastructure providers are working hard to identify and address domain-based criminal activity related to the pandemic. Responsible operators typically see lower levels of nefarious behaviour because the bad guys know which TLDs are being monitored with vigilance and aggressively protected. Scammers are smart: when they know they’ll be busted, they take their cyber-scams elsewhere. While the public facing companies get all the press coverage, infrastructure providers are quietly and effectively protecting our part of the internet ecosystem.


Read the original article: Combating COVID-19 Cybercrime – What Internet Infrastructure Providers Like Afilias Are Doing