The Coordination Center for TLD .RU / .РФ continues to monitor the pace of registrations of .RU and .РФ domain names that include worlds semantically linked to COVID-19, or related to measures to control the spread the coronavirus in Russia.
During the first two weeks of May, 187 coronavirus-related domains were added to the .RU zone, and 41 to .РФ. The total increase included 228 new domain names, down 50 percent from the previous two weeks: over the last 14 days of April, 507 domain names associated with the pandemic were registered.
Over the entire observation period (January 1 - May 13, 2020), 3,242 names in .RU and 729 in .РФ were added to “corona-domains;” overall, there are now 3,971 websites in Russian national domains containing the words corona, covid, pandemia, propusk, корона, ковид, пандемия, пропуск and the like.
But cybercriminals are keeping their eye on the ball, so be careful when clicking any websites you don’t know: in the second week of May, 51 domain names were registered containing words such as выплата, vyplata, пособие, posobie and other words related to the promised state support payments in May and June. As many as 42 such domain names are registered in .RU and 9 in .РФ. Spot checks have revealed that some of them link to phishing pages.
As a reminder, the purpose of this monitoring is to identify suspicious registrations in .RU and .РФ and, with the help of the public and private whistle-blowers on the Netoscope project, to reduce potential harm from them.
To date, Kaspersky Lab, one of the project participants, has flagged 1,553 coronavirus domains in .RU and 295 in .РФ with “data loss threat” in its products (eight more than during the previous check). This means that all devices protected by Kaspersky anti-virus apps have been updated on these domain names and users who visit them will be alerted to the potential threats.
Sergei Golovanov, leading expert at Kaspersky Lab, speaks about the work of Kaspersky Lab in our new video available at here. Sergei’s job at the computer incident investigation department is mainly to identify fraudulent sites. Watch our video to find out how the statistics of online fraud have changed over the past 15 years, which topics are “trending” among cybercriminals, what social engineering is and what you should look out for to protect yourself and your family from fraud. Two out of three coronavirus-related sites are fraudulent, Sergei warns. Be careful! Watch our video on the TLD .RU / .РФ Coordination Center channel on YouTube.
Tips from Internet security experts to help protect yourself from cyber fraud, as well as instructions on where to go when a fraudulent site is detected, are available on the Media Center page.
