BALTIMORE, MD—The U.S. Attorney’s Office for the District of Maryland has seized “remdesivirmx.com,” which purported to sell and distribute Remdesivir, an antiviral drug approved for the treatment of the COVID-19 virus, in Mexico. However, the website was fraudulent and instead appears to have been used to collect the personal information of individuals visiting the site for fraudulent purposes, including phishing attacks and/or the deployment of malware. Individuals visiting the site now will see a message that the site has been seized by the federal government and be redirected to another site for additional information.
The seizure of the domain name was announced by Acting United States Attorney for the District of Maryland Jonathan F. Lenzner and Special Agent in Charge James R. Mancuso of Homeland Security Investigations – Baltimore.
“I urge citizens to remain vigilant. Don’t provide personal information or click on websites or links contained in unsolicited e-mails. Don’t become a victim,” said Lenzner. “My office and the entire law enforcement community will continue to do everything possible to bring to justice fraudsters who prey on citizens during this unprecedented public health crisis.”
“This is the fourth COVID-related website seizure in Maryland and clearly demonstrates that fraudsters are motivated and actively trying to take advantage of Marylanders during a challenging time,” said Mancuso. “Remember, if it sounds too good to be true, it probably is. Use extreme caution on the internet, especially as it relates to COVID-19 treatments, vaccines, or financial relief.”
According to the affidavit filed in support of the seizures, Remdesivir, developed by Gilead Sciences, Inc. and marketed under the brand name Veklury, was approved by the U.S. Food and Drug Administration for the treatment of COVID-19 in October 2020. The HSI Intellectual Property Rights Center (“IPRC”) and the HSI Cyber Crimes Center (“C3”) discovered an apparent fraudulent website, named “remdesivirmx.com.” A domain analysis conducted by an HSI Cyber Operations Officer (“COO”) indicated the subject domain name was created on February 4, 2021, through a company located in Lithuania, with no personal information for the registrar listed. The COO also reviewed the subject domain name’s online content and found it displayed the name and trademarked logos for Gilead and contained an incorrect spelling of Remdesivir. The contact information presented by the subject domain name listed a Mexican telephone number and an address associated with a Mexican telemarketing website.
The “remdesivirmx.com” website is the fourth such fraudulent site seeking to exploit the COVID-19 pandemic that the U.S. Attorney’s Office for the District of Maryland has seized and disrupted in recent months.
On January 15, 2021, the U.S. Attorney’s Office for the District of Maryland seized a fraudulent replication of the website of a biotechnology company based in Cambridge, Massachusetts that focuses on drug discovery, drug development, and vaccine technologies, including a vaccine for COVID-19. The fake domain, modernatx.shop, included a link offering to sell COVID-19 vaccines. Three men were subsequently charged with a scheme to allegedly sell purported COVID-19 vaccines.
On December 18, 2020, the U.S. Attorney’s Office for the District of Maryland seized two domain names, “mordernatx.com” and “regeneronmedicals.com,” which purported to be the websites of actual biotechnology companies developing treatments for the COVID-19 virus, but appear to have instead been used to collect the personal information of individuals visiting the sites.
The seizure of these four sites by the government has prevented third parties from acquiring the names and using them to commit additional crimes, as well as prevented third parties from continuing to access the fraudulent sites in their present form.
Federal law enforcement agencies are united in our efforts to fight against COVID-19 fraud. HSI has identified tips to recognize and report COVID-19 fraud. Anyone who believes they may have been a victim of this type of fraud is urged to call the National Center for Disaster Fraud Hotline at 1-866-720-5721 or visit justice.gov/coronavirus.