An internet intelligence gateway has been established to analyze and compile malicious URLs related to COVID-19.
With thousands of newly created COVID-19-related malicious websites launching every day, the gateway accepts submissions of suspicious URLs or emails, providing a lookup service that taps into RiskIQ’s infrastructure to analyze and compile malicious URLs related to COVID-19. Submissions are analyzed by RiskIQ’s systems and each malicious URL is added to RiskIQ blacklists through community participation.
Over a two-week period, RiskIQ noted 317,000 new websites related to COVID-19.
“Our goal with the gateway is to help the security community work together in our response to the influx of criminal activity,” said RiskIQ CEO Lou Manousos. “The COVID-19 Internet Intelligence Gateway will be a powerful resource for keeping organizations safe during this crisis.”
The gateway will also allow security teams to block blacklists of known bad infrastructure to immediately protect their organizations from new campaigns leveraging the COVID-19 crisis.
Also newly launched is a COVID-19 Chrome Extension, which allows users to submit suspect URLs, host names or domains to RiskIQ for “crawling” purposes. Reports will include detailed information from the crawl, including referenced pages, screenshots and classification of content.
In April, it was reported that 18 million malware and phishing Gmail messages related to COVID-19 were detected by Google’s Threat Analysis Group per day, in addition to more than 240 million COVID-related daily spam messages.
It detected examples including fake solicitations from charities and NGOs, messages trying to mimic employer communications and employees working from home, along with websites posing as official government pages and public health agencies.