ARLINGTON, Va. — A team of agents from the Department of Homeland Security was combing thousands of websites scouting for evidence of the next phase of fraud schemes: offers of treatments or vaccines for the coronavirus.
One of those agents, in Jacksonville, Fla., spotted a lead on what looked like a website for Moderna, just days before the company entered the final stages of authorization by the Food and Drug Administration for emergency use of its version of the vaccine. But the website listed the wrong phone number for the company and misspelled Moderna in its web address.
The agent quickly established that the site was not owned by Moderna at all.
Given the intense global demand for protection from Covid-19, it is perhaps not surprising that law enforcement authorities are already uncovering fake sites looking to cash in on the desperate search for alternative ways to obtain a vaccine for a disease that has ravaged the world.
That work from the team of agents from the Department of Homeland Security helped secure the latest takedown of a website posted by fraudsters looking to steal personal information under the guise of offering treatments for the coronavirus — and one of the first online schemes to use the name of a company approved by the United States to distribute the vaccine.
Investigators on Friday shut down the website claiming to belong to Moderna but was rather a trap set up to steal personal information and potentially deploy malware, according to a statement issued by the U.S. attorney for the District of Maryland.
The team from Homeland Security Investigations, a division of Immigration and Customs Enforcement, was brought together last spring to combat online fraud that has become pervasive during the pandemic.
The efforts were first focused on fraudulent personal protective gear during widespread shortages for the needed supplies. Now the ICE mission, “Operation Stolen Promise,” has turned to fraudsters claiming to sell the vaccine, deploying special agents trained in searching the dark web to work with private health care companies in shutting down the websites.
The efforts by the investigations unit — which is working in coordination with the F.B.I., the Justice Department and Customs and Border Protection — come as the international organization Interpol warned this month that organized crime networks were looking to take advantage of the high demand for the vaccine, calling it “liquid gold.”
“You have an elderly percentage of the population that’s very concerned about getting the right products and vaccines and P.P.E., and they’re not as internet savvy so they’re more likely to fall victim to these schemes,” said Matthew Swenson, the investigation unit’s network intrusion chief for its cybercrimes center. “If you could create a perfect environment for cyberfraud, this would be it.”
Homeland security officials said there was no evidence yet of criminal groups disrupting the supply chain with actual fake vaccines. But the department told customs officers at the border to be on high alert, advising them on the appearance of approved treatments and products and directing the agents to report back to the team any import that might look suspicious.
“We don’t want to really discourage the American public from accepting vaccinations,” said Steve K. Francis, the director of Homeland Security Investigations’s Intellectual Property Rights Coordination Center. “It’s a completely secure supply chain at this point with some vulnerabilities in the treatment.”
