NEW RESEARCH: Phishing Sites Spike 235 Percent as COVID-19 Pandemic Creates Larger Remote Workforce Learn More

COVID-19 (Coronavirus) Global Online Phishing & Scams Dashboard

Last updated: March, 24, 2020 01:25 AM PT


Suspicious Domains

Confirmed Scams

Read our latest blog post on COVID-19 scams here

Coronavirus Scams & Phishing Feed Download Feed File as CSV Download full feed
URL Category Disposition Time Detection | insights Medical Supplies scam Mar 31, 2020 14:25:20 | insights Free Testing Kits scam Mar 28, 2020 21:30:44 | insights Free Testing Kits scam Mar 31, 2020 14:18:45 | insights Corona Safety Instructions suspicious Mar 31, 2020 14:18:22 | insights Free Testing Kits scam Mar 31, 2020 11:57:37 | insights Medical Supplies scam Mar 30, 2020 15:43:48 | insights Covid crytocurrency scam Mar 25, 2020 05:41:58 | insights Free testing Kits scam Mar 20, 2020 06:23:46 | insights Fake Charity scam Mar 22, 2020 14:21:33 | insights Free testing Kits scam Mar 22, 2020 13:53:16 | insights Fake Charity scam Mar 22, 2020 09:14:37 | insights Free testing Kits scam Mar 20, 2020 06:23:46 | insights Fake Charity scam Mar 20, 2020 21:10:47
Covid Staff Bank| insights Covid Bank scam Mar 25, 2020 03:54:20| insights Covid Bank scam Mar 20, 2020 04:50:30 | insights Fake Charity scam Mar 25, 2020 06:18:04 | insights Fake Charity phish Mar 25, 2020 06:18:04 | insights Covid Cryptocurrency scam Mar 25, 2020 06:17:31 | insights Medical Supplies scam Mar 25, 2020 06:17:12 | insights Medical Supplies scam Mar 25, 2020 06:16:29 | insights Medical Supplies scam Mar 25, 2020 06:12:52 | insights Medical Supplies scam Mar 25, 2020 06:10:50 | insights Medical Supplies scam Mar 25, 2020 06:10:43 | insights Medical Supplies scam Mar 25, 2020 05:53:06 | insights Medical Supplies scam Mar 25, 2020 05:49:07

Want to automate your phishing detection & response?

Sign up for our free phishing detection API and bulk scan.

Frequently Asked Questions

Feed Questions

Questions related to scam and suspicious feed

6 answers

Feeds and dashboard are currently updated once a day. We are working hard to make this dashboard and feed real-time.

Please report all FPs and FNs to us via contact us form. We'll review your submissions and make necessary changes in the feed in the next update.

Here is the link to the Github repository which has whitelist COVID related hosts and domains. It is community maintained. Please feel free to contribute.

CheckPhish's AI engine uses multiple artifacts to classify a URL. Domains with scam verdicts are ok to be blacklisted in your environments. Domains with suspicious verdicts can be combined with other threat intelligence you may have to create powerful filters.

Each entry in the feed is associated with a date and the domain's disposition (scam/suspicious) is for that date. Since these domains change behavior over time (e.g. hosting infrastructure), their real-time scan on CheckPhish may or may not have the same disposition as when they were added to the feed.

CheckPhish's sensors get millions of urls from a variety of sources including newly observed domains, submissions on CheckPhish, spamtraps, certificate transparency logs and several others.

COVID-19 Phishing

Questions related to COVID-19 online scams and phishing

9 answers

COVID-19 phishing refers to phishing campaigns using the 2019-2020 global coronavirus pandemic to trick people into giving away login credentials.

COVID-19 scamming refers to any scams trying to use the COVID-19 global pandemic to get you to do something that you would not normally want to do.

Examples include: fake storefronts selling n95 masks, webpages impersonating government assistance organizations, basic supplies counterfeiting, charity scams (purporting to support sick people or people who lost their jobs), COVID-19 charitable cryptocurrency giveaways, and much more.

Much like regular phishing, COVID-19 phishing spreads through any medium where links can be exchanged. The most common medium is email, but social media, text messaging, messaging apps, document sharing platforms, and other free platforms are also used.

Not exactly. Phishing, and specifically phishing of corporate credentials (e.g. Outlook, Office, Zoom, WebEx, Skype, etc.), is on-going. Every major brand has some safeguards in place to protect against this sort of thing. This type of phishing is particularly prevelant today, because of general global uncertainty/anxiety and a large remote workforce that isn't used to working from home. Since people aren't used to working from home, their sense of what is normal or abnormal is distorted. A phishing link that would've been an obvious fake seems more plausible.

New phishing sites per month have more than doubled. As part of the broader trend of increased remote workforce phishing, Office/Outlook phishing sites were up 46% (Early March vs. early Feb).

Yes. We are seeing many categories of scam. Specifically, governement assistance, medical supplies countefeiting, basic supplies counterfeiting, remote workforce phishing, and COVID-19 or coronavirus charitable crypto giveaways.

Yes. We made this COVID-19 threat intelligence feed (coronavirus threat intelligence feed) for the broader community - free of charge.

Two key strategies: prevention and quick action. Prevention - If it feels odd or abnormal, it just might be. Don't click on things from sources that you don't know. From the sources that you do know, confirm with them directly on another medium, other than the one where you received the suspected phish. Quick action - if you do suspect that you've been phished, don't panic! Just reset your password for the potentially phished account and any other account reusing similar credentials.

Coronavirus refers to a category of viruses, while COVID-19 refers to the specific disease (COrona VIrus Disease) caused by the 2019 novel coronavirus. Coronavirus gets its name from the ring, crown, or corona seen around the virus under microscope.

Coronavirus phishing and COVID-19 phishing refer to the same thing - email phishing or phishing sites that are targeting people through news or fear around COVID-19.

All other FAQ are here

Built by security people,
for security people

If you’re a security researcher, security analyst, or you manage your company’s SIEM/SOAR/firewall/email security platform, feel free to download the feed above and blacklist all of the domains in your security platform of choice.


The state of COVID phishing and online scamming

In late 2019, we saw the first outbreak of Coronavirus disease (COVID-19). Fast forward four months, and large portions of the world are under lockdown or shelter-in-place policies. As the world reels from a global pandemic, scammers have found a window of opportunity. Global anxiety, panic buying, remote workforce, and general uncertainty come together to form ideal conditions for online phishing and scams. Moreover, we’ve seen total phishing and scam sites, remote workforce-targeted scams, and emergency supply scams spike. This dashboard will give you the latest updates on the state of global phishing and online scams.

Free Coronavirus Scams Threat Feed

This dashboard is not only meant to be informative, but also actionable. In times of need, we believe in doubling down on our community values. As such, we want to create a free feed of the latest suspicious coronavirus sites.