BALTIMORE, MD—The U.S. Attorney’s Office for the District of Maryland has seized a fifth domain name, “usaregenermedicals.com,” which purported to sell and distribute REGEN-COV2, an antibody drug cocktail approved for the treatment of COVID-19 virus.
The website was fraudulent and instead appears to have been used to collect the personal information of individuals visiting the site, in order to use the information for nefarious purposes, including fraud, phishing attacks, and/or deployment of malware. Individuals visiting the site now will see a message that the site has been seized by the federal government and be redirected to another site for additional information.
The seizure of the domain name was announced by Acting United States Attorney for the District of Maryland Jonathan F. Lenzner and Special Agent in Charge James R. Mancuso of Homeland Security Investigations – Baltimore.
“This is the fifth fraudulent website taking advantage of the COVID-19 pandemic that we have seized in recent months,” said Lenzner. “We urge all Maryland residents to be skeptical – don’t provide personal information or click on links in unsolicited e-mails and remember that the COVID vaccine is not for sale. The Federal government is providing the vaccine free of charge to people living in the United States. We will continue to aggressively prosecute these fraudsters who seek to prey on unsuspecting residents and their families.”
“Remember, if it sounds too good to be true, it probably is. Use extreme caution on the internet, especially as it relates to COVID-19 treatments, vaccines, or financial relief,” said Mancuso. “Scams like the one alleged to have occurred here take advantage of people’s desire to protect themselves and their families and collect personal information that may be used for nefarious purposes.”
According to the affidavit filed in support of the seizures, REGEN-COV2, developed by Regeneron Pharmaceuticals, Inc., was approved by the U.S. Food and Drug Administration for emergency use for the treatment of COVID-19 in November 2020. The HSI Intellectual Property Rights Center and the HSI Cyber Crimes Center (C3) discovered an apparent fraudulent website, named “usaregenermedicals.com.” A domain analysis conducted by an HSI Cyber Operations Officer (COO) indicated the subject domain name was created on January 21, 2021, by a registrar listed as NameCheap, Inc. located in Phoenix, Arizona. The COO also reviewed the subject domain name’s online content and found it displayed the name, address, and trademarked logos for Regeneron, as well as links or buttons that also appear on the official Regeneron website. The COO found that the links and buttons on the fraudulent site did not function and the fraudulent site also displayed three individuals listed in the “Corporate Leaders” section that do not appear on the official Regeneron website.
The “usaregenermedicals.com” website is the fifth such fraudulent site seeking to exploit the COVID-19 pandemic that the U.S. Attorney’s Office for the District of Maryland and its law enforcement partners have seized and disrupted in recent months. Other such efforts include:
On March 1, 2021, the U.S. Attorney’s Office for the District of Maryland seized “remdesivirmx.com,” which purported to sell and distribute Remdesivir, an antiviral drug approved for the treatment of the COVID-19 virus, in Mexico. However, the website was fraudulent and had been used to collect the personal information of individuals visiting the site, in order to use the information for nefarious purposes, including fraud, phishing attacks, and/or deployment of malware.
On January 15, 2021, the U.S. Attorney’s Office for the District of Maryland seized a fraudulent replication of the website of a biotechnology company based in Cambridge, Massachusetts that focuses on drug discovery, drug development, and vaccine technologies, including a vaccine for COVID-19. The fake domain, “modernatx.shop,” included a link offering to sell COVID-19 vaccines. Three men were subsequently charged with a scheme to allegedly sell purported COVID-19 vaccines.
On December 18, 2020, the U.S. Attorney’s Office for the District of Maryland seized two domain names, “mordernatx.com” and “regeneronmedicals.com,” which purported to be the websites of actual biotechnology companies developing treatments for the COVID-19 virus, but appear to have instead been used to collect the personal information of individuals visiting the sites.
The seizure of these five sites by the government has prevented third parties from acquiring the names and using them to commit additional crimes, as well as prevented third parties from continuing to access the fraudulent sites in their present form.
HSI has identified tips to recognize and report COVID-19 fraud. If you believe you are a victim of a fraud or attempted fraud involving COVID-19, you may also call the National Center for Disaster Fraud Hotline at 1-866-720-5721 or for more information, visit https://www.justice.gov/coronavirus.