New York Attorney General Letitia James announced a sweeping effort she initiated in March to scrub the internet of websites seeking to illegally profit and deceive millions of Americans and hundreds of millions more around the world off the coronavirus disease 2019 (COVID-19) public health crisis. Over the last month, dozens of staff members in the Office of the Attorney General (OAG) have been reviewing domain names for potential scams attempting to take advantage of fearful consumers. Since March, the OAG has worked in cooperation with domain name registrars across the nation to — upon identification — remove websites selling, marketing, and promoting fraudulent goods and services. Additionally, the OAG has worked with these registrars to “lock” these domain names so they cannot be transferred to other registrars — ensuring they cannot be used to support any additional illegal activity.
“Unfortunately, the world wide web is filled with criminals and nefarious actors looking to exploit the coronavirus pandemic and take advantage of innocent victims,” said Attorney General James. “The operators of these scam sites are not only stoking fear in the hearts and minds of Americans, but are illegally profiting from their fraudulent deception. Alongside our partners at different domain registrars, we are working to cleanse the internet of these illegal sites one at a time, but we need all consumers to remain vigilant. We must stop these scammers from peddling their fraudulent sites and swindling Americans out of their hard-earned money.”
On March 20th, Attorney General James contacted a number of domain name registrars, including GoDaddy.com, in an effort to stop the registration and use of internet domain names by individuals and companies trying to unlawfully and fraudulently profit off consumers’ fears around the coronavirus. The registrars have been cooperating with Attorney General James’ investigation, and have acted quickly to take down numerous domain names after receiving information from the OAG about illegal and deceptive activity on websites associated with those domain names. The entities behind these domain names are violating a number of New York State laws, as well as the registrars’ terms of service.
To date, the OAG has had more than 20 fraudulent websites removed for marketing scams, including, but not limited to, sites:
- Selling Home Testing Kits: A number of websites have sold home testing kits to test for COVID-19, even though the Food and Drug Administration (FDA) has not approved any testing kits for home or other personal use.
- Phishing for Personal Information: A number of websites have tricked consumers into providing personal information, including credit card numbers, for fraudulent purposes.
- Selling Fake Cures and Remedies: A number of websites have sold products such as vitamin C and air purifiers, fraudulently and without any science-based research supporting claims that they can protect consumers from COVID-19. There is currently no FDA-approved vaccine or cure for COVID-19, and the World Health Organization has also said that there is no specific medicine to prevent or treat the coronavirus.
- Promoting Fraudulent Donation Sites: A number of websites have pretended to be legitimate charities — seeking donations for those in need — when, in reality, they have not been affiliated with any charity.
Additionally, the OAG’s efforts over the last month have found that a number of websites have not delivered medical supplies and other items ordered by consumers. In one case, a purchasing manager for a hospital in China purchased over $40,000 worth of masks and other medical supplies from a company that not only failed to deliver the supplies, but then disconnected its phone lines.
In another case associated with a telemarketing phishing scam, a website was created pretending to be a hospital in New York that did not exist. There were fake doctors on the website with made-up names and images pulled from widely-available stock photos of medical professionals. Language from the website was copied directly from other legitimate hospitals. There was an appointments page, where patients were asked to enter their name and contact information to "request" an appointment with a specific doctor or department, but no specific information was subsequently provided about the appointment.
To narrow down and remove the more than 20 sites in question, the OAG used both automated and manual processes to target the most suspect domains. The OAG then identified which domains were active, and then further narrowed down the list to which were deemed suspicious by analyzing website content. The remaining domains were subject to manual review and those selling, marketing, and promoting fraudulent goods and services were marked for removal.
The registration and creation of these fraudulent websites violate a number of laws, including, but not limited to, Executive Law § 63(12) and General Business Law § 349/350. These fraudulent sites have also violated the various domain name registrars’ terms of service for domain registration, which generally prohibit any deceptive or illegal products or services on the website associated with the domain name.
The Office of the Attorney General would like to thank the different registrars for their cooperation with the OAG in preventing bad actors from seeking to profit from the coronavirus pandemic.
Separately, in an effort to protect New Yorkers in the fight against coronavirus scams, Attorney General James sent a letter to Craigslist.com last month, calling on the company to immediately remove posts that attempt to price gouge users, or otherwise purport to sell items that provide “immunity” to the coronavirus or allow individuals to test for the disease.
If an individual believes they are a victim of a website-related COVID-19 scam, they should report it immediately to the OAG’s Bureau of Internet and Technology.
At this time, the OAG is not releasing the specific web sites taken down over the last month to avoid drawing attention to them and alerting the individuals behind these illegal operations to the investigation.
