Skip to main content
Press Release

Maryland U.S. Attorney’s Office Seizes Fourth Domain Name Purporting to be the Website of a Company Producing a Treatment for COVID-19

For Immediate Release
U.S. Attorney's Office, District of Maryland
Fourth Domain Name Seized In Less Than Three Months That Used Similar Names, Trademarked Logos, and Graphics of Actual Companies to Create Fraudulent Websites in Order to Obtain Personal Information of Victims and Illegally Profit from the Pandemic

Baltimore, Maryland – The U.S. Attorney’s Office for the District of Maryland has seized “remdesivirmx.com,” which purported to sell and distribute Remdesivir, an antiviral drug approved for the treatment of the COVID-19 virus, in Mexico.  However, the website was fraudulent and instead appears to have been used to collect the personal information of individuals visiting the site, in order to use the information for nefarious purposes, including fraud, phishing attacks, and/or deployment of malware.  Individuals visiting the site now will see a message that the site has been seized by the federal government and be redirected to another site for additional information.

The seizure of the domain name was announced by Acting United States Attorney for the District of Maryland Jonathan F. Lenzner and Special Agent in Charge James R. Mancuso of Homeland Security Investigations - Baltimore.

“I urge citizens to remain vigilant.  Don’t provide personal information or click on websites or links contained in unsolicited e-mails.  Don’t become a victim,” said Acting U.S. Attorney Jonathan F. Lenzner. “My office and the entire law enforcement community will continue to do everything possible to bring to justice fraudsters who prey on citizens during this unprecedented public health crisis.” 

“This is the fourth COVID-related website seizure in Maryland and clearly demonstrates that fraudsters are motivated and actively trying to take advantage of Marylanders during a challenging time,” said Special Agent in Charge James Mancuso.  “Remember, if it sounds too good to be true, it probably is.  Use extreme caution on the internet, especially as it relates to COVID-19 treatments, vaccines, or financial relief.”

According to the affidavit filed in support of the seizures, Remdesivir, developed by Gilead Sciences, Inc. and marketed under the brand name Veklury, was approved by the U.S. Food and Drug Administration for the treatment of COVID-19 in October 2020.  The HSI Intellectual Property Rights Center (“IPRC”) and the HSI Cyber Crimes Center (“C3”) discovered an apparent fraudulent website, named “remdesivirmx.com.”  A domain analysis conducted by an HSI Cyber Operations Officer (“COO”) indicated the subject domain name was created on February 4, 2021, through a company located in Lithuania, with no personal information for the registrar listed.  The COO also reviewed the subject domain name’s online content and found it displayed the name and trademarked logos for Gilead and contained an incorrect spelling of Remdesivir.  The contact information presented by the subject domain name listed a Mexican telephone number and an address associated with a Mexican telemarketing website.

The “remdesivirmx.com” website is the fourth such fraudulent site seeking to exploit the COVID-19 pandemic that the U.S. Attorney’s Office for the District of Maryland has seized and disrupted in recent months.  Other such efforts include:

On January 15, 2021, the U.S. Attorney’s Office for the District of Maryland seized a fraudulent replication of the website of a biotechnology company based in Cambridge, Massachusetts that focuses on drug discovery, drug development, and vaccine technologies, including a vaccine for COVID-19.  The fake domain, modernatx.shop, included a link offering to sell COVID-19 vaccines.  Three men were subsequently charged with a scheme to allegedly sell purported COVID-19 vaccines.

On December 18, 2020, the U.S. Attorney’s Office for the District of Maryland seized two domain names, “mordernatx.com” and “regeneronmedicals.com,” which purported to be the websites of actual biotechnology companies developing treatments for the COVID-19 virus, but appear to have instead been used to collect the personal information of individuals visiting the sites.

The seizure of these four sites by the government has prevented third parties from acquiring the names and using them to commit additional crimes, as well as prevented third parties from continuing to access the fraudulent sites in their present form.

Federal law enforcement agencies are united in our efforts to fight against COVID-19 fraud.  HSI has identified tips to recognize and report COVID-19 fraud.  If you believe you are a victim of a fraud or attempted fraud involving COVID-19, you may also call the National Center for Disaster Fraud Hotline at 1-866-720-5721 or for more information e-mail justice.gov/coronavirus.    

Acting United States Attorney Jonathan F. Lenzner commended HSI for its work in these investigations.  Mr. Lenzner thanked Assistant U.S. Attorneys Aaron S.J. Zelinsky and Sean R. Delaney, who are handling the case.

# # #

Contact

Marcia Murphy
(410) 209-4854

Updated March 1, 2021

Topic
Coronavirus