Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Crime

Free Covid Tests Provide Latest Venue for Suspected Fraudsters (bloomberg.com) 25

As a new government website went live in January to offer free Covid-19 test kits, a rash of new domain names were registered. Some had remarkably similar URLs, or were nearly the same but slightly misspelled. From a report: Cybersecurity experts said the goal was likely the same for all of them: bogus domain names that can be used for phishing attacks and other scams. Suspected fraudsters have registered more than 600 suspicious domain registrations since Jan. 15, around the time Biden administration announced details about a program in which the U.S. Postal Service would deliver Covid-19 tests to Americans' homes, email security firm Proofpoint told Bloomberg News. The look-alike URLs are often meant to trick Covid-weary Americans into thinking they are signing up for a free nasal swab, when in fact they might be handing personal data over to a cybercrime syndicate, cybersecurity experts said. The government website for free Covid tests, covidtests.gov, opened for business on Jan. 18, along with a related site, special.usps.com, where users are directed to place an order with the Postal Service.
This discussion has been archived. No new comments can be posted.

Free Covid Tests Provide Latest Venue for Suspected Fraudsters

Comments Filter:
  • by Valgrus Thunderaxe ( 8769977 ) on Monday January 31, 2022 @11:29AM (#62223817)
    Would read something like this --

    "As the US Government's free Covid-19 test kit website went live, there were no indications of fraud or abuse whatsoever."
    • Re:The real news (Score:4, Informative)

      by xevioso ( 598654 ) on Monday January 31, 2022 @12:56PM (#62224185)

      The government seems to have been relatively capable in getting the site up, but seriously, it's not rocket science to figure out that you need to register a ton of similar names when you make a site like this to prevent this from happening. I mean, close to the top of "build a website" in the list should be "bur a bunch of domain names similar to the main one and point them all to the main site to prevent fraud. This could have been done by the people buying the original domain name in 30 min.

      • by _xeno_ ( 155264 )

        This could have been done by the people buying the original domain name in 30 min.

        The original domain name is a .GOV. You can't buy those. You can only request them, and only if you're part of the US Government.

        I assume they figured that they didn't need to buy any similar domains because the .GOV domain is tightly controlled, they just never thought of things like someone doing covidtestsgov.com.

        It's also entirely likely no one really thought it through. This website was thrown together last-minute anyway. Through December the Biden administration was claiming free tests weren't needed,

        • Not all government sites use exclusively .gov domains.
          It is infuriating to have to assume that a .com domain that claims to be government actually is government.
          Same for having to use a 3rd party (like ID.me) in order to access government sites. We should not have to accept any non-government TOS or site policy or private-entity-trustworthiness to access or get government information, sites, services.

      • by kmoser ( 1469707 )
        Even if you register with the correct site, there's no guarantee your personal info won't fall into the wrong hands.
  • Honestly, if people are dumb enough to fall for this stuff, I don't have a lot of sympathy. We've been dealing with this shit long enough that there just is no excuse anymore.
  • the non home testing centers are cheating as well.

  • The government's decision to award a $1.3 billion contract to iHealth, a subsidiary of China’s Andon Health Co. Ltd. that will supply millions of COVID-19 tests to the United States, is akin to “paying the arsonist for helping put out the fire.”

  • I get a paywall/throttlewall for Bloomberg. Has anybody found an alt source yet? Thanks in advanced.

  • I did it on the first day, but still haven't gotten any. IIRC, it said end of this month. Well, it's almost Februrary!

"Pull the trigger and you're garbage." -- Lady Blue

Working...