Home / Industry

Combating COVID-19 Cybercrime – What Internet Infrastructure Providers Like Afilias Are Doing

Written by Dr. James Galvin, Director, Technical Standards and Strategic Relationships at Afilias.

The ongoing Coronavirus pandemic has been fertile ground for scams and misinformation. Social platforms have been in the news for their efforts to protect users from such problems. What are Internet infrastructure providers like Afilias doing to keep spammers, phishers and other criminals from preying on Internet users?

Afilias is a domain name registry company.  Domain name registries maintain the authoritative list of all names ending in a certain top-level domain or "TLD" extension (e.g., .info or .org) and provide a directory that enables the proper delivery of mail, the arrival of visitors to a website, etc.

During times of crisis, it is not unusual for new internet scams to launch. For COVID-19, scammers are in overdrive. The Australian Government is listing some great current examples (Fig. 1).

Fig.1 – Phishing Campaign using "Benefit Allocation" lure (left), Phish using virus info as lurej (right)

Most of these use a domain name (or names) as a "base of operations."

Registries can help identify these scams and deter cyber-crime. Registry companies like Afilias (which owns .info, .pro and 20 other TLDs and provides technical services for nearly 200 more) have many years of experience identifying domain registrations that are dodgy and then mitigating any damage they may cause. Afilias' everyday arsenal for fighting cyber-crime has been instrumental in minimizing COVID-19 related domain abuse, and includes the following:

  • Review of New Registrations: Afilias scans 100% of all new registrations, looking for the "fingerprints" of established criminals or any names flagged by industry-trusted sources. Since January, Afilias has scanned over 1 million new registrations across 200 TLDs. All in, only about a hundred names appeared to involve abuse policy violations.

    For Covid-19 specifically, fewer than 4500 virus related names have been registered in Afilias' 22 TLDs, a trend that peaked in mid March, as shown below. Only a handful of these have been found to violate anti-abuse policies.

  • Cooperation with Covid-19 Cyber Threat Coalition(CTC): A relatively new organization, the CTC is a global volunteer community focused on defeating criminal activity during this pandemic such as attacks on critical institutions and campaigns of extortion and fraud. As a registry member, Afilias shares current intelligence, strengthening our joint ability to blunt these cynical attacks.
  • Coordination with Law Enforcement: From global law enforcement entities such as Interpol to local organizations like the US FBI, reputable registry operators have built longstanding and trusted relationships enabling information sharing that can lead to further evaluation and then action. For Covid related activity, only about a dozen Afilias sponsored names have been suspended due to joint effort with law enforcement.
  • Registrar teamwork: Since registrars work directly with domain registrants, Afilias coordinates with our registrar partners to address any suspicious registrations, e.g. registrations for which the domain name may have been compromised and could be "cleaned up" rather than eliminated. Speedy and clear communication is the key to protecting both the registrar and the public, and close coordination ensures that each suspected registrant is treated fairly and with due process. 

Registry infrastructure providers are working hard to identify and address domain-based criminal activity related to the pandemic. Responsible operators typically see lower levels of nefarious behaviour because the bad guys know which TLDs are being monitored with vigilance and aggressively protected. Scammers are smart: when they know they'll be busted, they take their cyber-scams elsewhere. While the public facing companies get all the press coverage, infrastructure providers are quietly and effectively protecting our part of the internet ecosystem.

By Afilias, Global Provider of Internet Infrastructure Service – Afilias is the world's second largest domain registry, with more than 20 million names under management. Afilias powers a greater variety of top-level domains than any other provider, and will soon support hundreds of new TLDs now preparing for launch. Afilias' specialized technology makes Internet addresses more accessible and useful through a wide range of applications, including Internet domain registry services, Managed DNS and mobile Web services like goMobi® and DeviceAtlas®.  Visit Page

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

New TLDs

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byAppdetex

Cybercrime

Sponsored byThreat Intelligence Platform

DNS Security

Sponsored byAfilias

Whois

Sponsored byWhoisXML API