Google blocking 18m coronavirus scam emails every day

[Karlston]

Google saw more than 18 million daily malware and phishing emails related to COVID-19 last week

Existing phishing scams have been updated to exploit COVID-19 concerns

Illustration by Alex Castro / The Verge

Google says it saw more than 18 million daily malware and phishing emails related to COVID-19 scams just in the past week. That’s on top of the more than 240 million daily spam messages it sees related to the novel coronavirus, the company says.

 

The phishing attacks and scams “use both fear and financial incentives to create urgency to try to prompt users to respond,” Google says. In other words, same email scam, different subject line.

 

These scams include impersonating government organizations like the World Health Organization to try to solicit donations or trick users into downloading malware; pretending to have information about government stimulus payments; and phishing attempts aimed at workers who are working remotely. This scammer pretends to be affiliated with the recipient’s employer:

Google say its artificial intelligence-powered protections filter such threats, and that it blocks “more than 99.9 percent of spam, phishing, and malware from reaching our users” using AI and other techniques. The company also says it worked with WHO on implementing DMARC (Domain-based Message Authentication, Reporting, and Conformance) to make it more difficult for scammers to impersonate the who.int domain and prevent legitimate emails from the WHO from being caught in spam filters.

 

The company says in many cases the malware and phishing threats aren’t new but just existing malware campaigns updated to exploit fear and confusion around COVID-19. The usual cautions apply: don’t click links in emails you weren’t expecting, report phishing emails, and make sure a URL is legitimate before providing any information, since most scammers try to closely approximate real URLs.

 

 

Source: Google saw more than 18 million daily malware and phishing emails related to COVID-19 last week (The Verge)

[lolsee2]

Scammers are sending 18 million hoax emails about Covid-19 to Gmail users every day, according to Google.

 

 

The tech giant says the pandemic has led to an explosion of phishing attacks in which criminals try to trick users into revealing personal data.

The company said it was blocking more than 100 million phishing emails a day. Over the past week, almost a fifth were scam emails related to coronavirus.

The virus may now be the biggest phishing topic ever, tech firms say.

Google's Gmail is used by 1.5 billion people.

 

One of the scam emails impersonates the World Health Organization

 

 

Individuals are being sent a huge variety of emails which impersonate authorities, such as the World Health Organization (WHO), in an effort to persuade victims to download software or donate to bogus causes.

 

Cyber-criminals are also attempting to capitalise on government support packages by imitating public institutions.

Google claims that its machine-learning tools are able to block more than 99.9% of emails from reaching its users.

 

This scam email targeted businesses on Gmail

 

 

The growth in coronavirus-themed phishing is being recorded by several cyber-security companies.

Barracuda Networks said it had seen a 667% increase in malicious phishing emails during the pandemic.

Scammers have been sending fake emails and text messages claiming to be from the UK government, the WHO, the Centre for Disease Control and Prevention and even individual US officials, including President Trump.

 

"Phishing attacks always share the common trait of inciting or depending on an emotion that causes us to act more hastily or think less about our actions at that moment in time," said independent security researcher Scott Helme.

"The coronavirus pandemic is a highly emotional topic right now and cyber-criminals clearly know this. They're hoping that the typical person might be more inclined to click through links or follow bad instructions if they use this lure."

 

'Exploitation'

Researchers have also found malicious websites and smartphone applications based on genuine coronavirus resources.

One malicious Android app claims to help track the spread of the virus, but instead infects the phone with ransomware and demands payment to restore the device.

Last week, the National Cyber Security Centre and the US Department of Homeland Security issued a joint advisory.

They said they had seen "an increasing number of malicious cyber-actors" that were "exploiting the current Covid-19 pandemic for their own objectives".

The NCSC has published advice on its website to help people avoid becoming the victim of a scam.

 

Source: 

https://www.bbc.com/news/technology-52319093

 

[Matrix]

Topic Merged.