Since the start of the COVID-19 pandemic, the Spanish National Police have monitored 415,973 domain names related to COVID-19 with the aim of finding possible indications of illegal activity. During this process, agents have found 120,353 domain names suspected of being used for illegal activities, or with the potential to do so in a very short time.
The National Police (Policía Nacional) then undertook a more thorough analysis both of the domains themselves, as well as the web pages and servers to which each of them pointed. This resulted in finding 45,773 domains that were being used for criminal activities. The news release from the National Police doesn’t indicate whether they are only focussed on domain names under Spain’s ccTLD or a wider search.
The Central Cybercrime Unit of the National Police (Unidad Central de Ciberdelincuencia de la Policía Nacional) has requested, obtained and verified the blocking of all of the domains and, at the moment, continues its monitoring work in case the block of any of these websites is lifted, even though this possibility is considered unlikely.
On the remaining 74,580 domains with indications they may be activated in the future to commit cybercrime-related activities, the monitoring process is continuing to in case they are activated, and if so proceed to their blocking if it’s warranted.
The National Police note that the initial number of 415,973 monitored domains will continue to increase with the monitoring work of the National Police continuing.
The Central Computer Security Brigade of the Central Cybercrime Unit of the National Police (La Brigada Central de Seguridad Informática de la Unidad Central de Ciberdelincuencia de la Policía Nacional) has among its functions entrusted with active cyber-patrol of the dark and open web. During the current pandemic, this activity has intensified and a concrete approach to content relating to the health crisis situation caused by COVID-19 has been intensified.