<img src="https://certify.alexametrics.com/atrk.gif?account=kla4t1zDGU20kU" style="display:none" height="1" width="1" alt="">
Contact us
Free Quickscan →
Cybersprint Digital Risk Protection Platform

The Cybersprint Platform

We’ve developed a unique Digital Risk Protection SaaS-platform that works 24/7 as an automated ethical hacker, continuously in search of online vulnerabilities. Read more

Cybersprint provides realtime insights

Make the world more cyber-secure

Cybersprint protects organisations by providing real-time insights into their online footprint. Read more

close

Pandemic-related domains list

by Sebastiaan Bosman Blog, Analyst Report 11 May 2020

- The information in this article will be updated frequently - 

The 2020 pandemic has forced us all to adapt the way we work and communicate. Cybercriminals are leveraging the situation at the expense of others. At Cybersprint, we aim to keep these digital risks to a minimum. Therefore, we're sharing our research, containing a list of dodgy Corona-related domains you can use for blacklisting purposes.

Creating a domain ‘blacklist’

In our previous blog, we talked about three types of malicious activity to watch out for. Cybercriminals are using a variety of methods for their own gain. The opportunists are (falsely) offering supplies such as face masks or phony tests. Fraudsters are using the crisis and increased web traffic on the subject for phishing purposes and to spread malware. In addition, nation state-funded campaigns and the spread of misinformation don’t help either.

The cybercriminals are setting up new domains for their activities. The registration date of the domains can be tracked, together with other detectable information. We have taken these variables to trace domain registrations related to the pandemic using our Digital Risk Protection platform. The result is a list of thousands of domain names. Please note we can't be sure there aren't any genuine domains in here, but we believe the vast majority of these entries are, or will be used, for malicious purposes. If you want to use them for blacklisting, please bear this in mind. 

You can download the complete list here (.xlsx).

Both the list as well as the information in this article will be updated periodically. 

Development over time

So far, we have traced over 94,600 new domains. After 11 March, the daily registrations increased rapidly, peaking at over 4700 on 18 March. After that, we start to see a decline in registrations, as shown below.

Please note that the data of recent days is still likely to change, as the scan continues to analyse the found domains. 


Still, the activity has not stopped yet. COVID-19 related domains kept being created in the weeks after the spike, with an average of 372 new domains per day starting from 29 March. 

Unfortunately, the decline we saw over April hasn't continued, as new spikes appeared late April and early May. We don't expect the opportunists to completely diminish their activity in the near future. Until then, we advise to stay vigilant when it comes to URLs and websites on COVID-19 and the corona virus in general. 


pasfoto001Sebastiaan Bosman is Content Marketeer at Cybersprint.
With a background in Comm
unications and Linguistics,
he is responsible for the creation and editing processes of most internal and external communication. He writes content such as blogs, whitepapers and case studies, primarily based on Cybersprint’s own research data. Previously, Sebastiaan worked as Content & Communications Advisor at ING Global. 

Pandemic-related domains list

- The information in this article will be updated frequently -  The 2020 pandemic has forced us all to adapt the way we work and communicate. Cybercriminals are leveraging the situation at the expense of others. At Cybersprint, we aim to keep these digital risks to a minimum. Therefore, we're sharing our research, containing a list of dodgy Corona-related domains you can use for blacklisting purposes.

read more

Control over third-party risk

Most organisations outsource parts of their IT infrastructure. This brings different opportunities for the services they deliver, such as cloud accessibility or faster web traffic through external web hosting. But there is a downside. As more parts of the online footprint are in the hands of third parties, the digital attack surface of your organisation grows. Even though you cannot directly control those assets, your brand can be held accountable when data is leaked. So, does an increased complexity of the digital infrastructure also mean more risks to an organisation’s online footprint? And how can you find out?

read more

Bad actors leveraging crises: 3 types of activities to watch out for

2020 is surely not starting out as we expected, as the horrible virus is disrupting and even ending the lives of many. We have mixed emotions writing this up, because there many people doing way more important work, like healthcare workers. Unfortunately, the bad guys have leveraged the crisis like clockwork. We looked at the three most common activities of bad actors.

read more

Do you have a question?

Our experts have the answers

Contact us