Google says it has blocked 18 million daily malware and phishing emails related to COVID-19 over the past week.
Majority of malware and phishing emails involve impersonation.
This includes implementing multi-factor authentication methods that require people to prove their identity using two or more verification methods.
Google says it has blocked 18 million daily malware and phishing emails related to COVID-19 over the past week. The search giant also says it has encountered over 240 million daily spam messages related to the novel coronavirus. On a typical day, Google blocks over 100 million phishing messages daily. According to Google, the cybercriminals use both fear and financial incentives to create urgency to prompt users to respond.
Google says that the majority of malware and phishing emails involve impersonating government organizations such as the World Health Organization. Some of the coronavirus-related malware and phishing emails solicit fraudulent donations for various causes. In contrast, malware tricks attempt to deceive users into downloading files laced with malware on their devices. Other phishing attempts claim to possess information about the government stimulus packages for individuals and small businesses. Phishing scams targeting remote workers purport to be the recipient’s employer.
“The fact that 18 million Covid-19-related emails are blocked each day just by Google is a sign of just how prolific these attacks are,” Kron says. “In these times of high stress and change.
~ Erich Kron Cybersecurity Keynote Speaker
Learn more: PHISHING KITS BECOME “BESTSELLER” IN THE UNDERGROUND MARKET: RESEARCH
He added that criminals are aware of the system vulnerabilities arising from employees working at home away from secure corporate networks.
“The best thing organizations can do right now is to ensure that their employees have up-to-date training on how to spot and report phishing emails to their organization”.
~ LaSala, Director of Security Solutions
The search giant notes that most of the malware and phishing emails are not new but are existing campaigns updated to exploit the panic and curiosity caused by the current pandemic. The company adds that its machine learning AI algorithm can block 99.9% of spam phishing and malware from reaching its users. Google is also working on other techniques, such as implementing the Domain-based Message Authentication, Reporting, and Conformance (DMARC), to prevent fraudsters from impersonating the www.who.int domain. This method will also prevent WHO messages from accidentally being filtered out as spam due to the frequency of similar fraudulent messages.
Google advises people to avoid downloading files from untrusted users. Additionally, the search giant recommends using its email preview inbuilt tool to view documents before downloading.
However, some experts have been critical of Google’s response to malware and phishing emails threats. Colin Bastable, CEO of security awareness training company Lucy Security says Google allows scammers to associate Gmail accounts with phishing links while virtue-signaling its users about security.
Learn more: WORK FROM HOME: CYBER SECURITY DURING COVID-19