Cyber-threats taking advantage of the COVID-19 pandemic are evolving, and Google is seeing an increase in related phishing attempts in countries such
Cyber-threats taking advantage of the COVID-19 pandemic are evolving, and Google is seeing an increase in related phishing attempts in countries such as Brazil, India, and the UK.
As the coronavirus crisis spreads worldwide, cyber-criminals and state-sponsored actors have adapted their attacks to leverage pandemic-related lures. In April, Gmail was seeing 18 million COVID-related daily malicious emails.
The attacks have been evolving and the past month has revealed the emergence of regional hotspots and threats: COVID-19-related malware, phishing, and spam emails have been rising in India, Brazil, and the UK, using regionally relevant lures, financial incentives, and fear, the search giant explains.
Google says it has observed an increase in the number of scams targeting Aarogya Setu, an initiative where the government is trying to connect people across India with essential health services. At the same time, the number of attacks masquerading as COVID-19 symptom tracking has increased, fueled by the return of employees to workplaces.
The Internet giant also observed an increase in phishing scams targeting insurance companies in India, as more and more people in the country are looking to buy health insurance. The scams often quote established institutions, attempting to trick victims into clicking on malicious links.
In the UK, amid the government’s reveal of measures to help businesses get through the COVID-19 crisis, attackers are attempting to gain access to users’ personal information by masquerading as government institutions. In some cases, they also attempt to imitate Google.
In Brazil, phishers are increasingly targeting streaming services, which are becoming more and more popular in the country. Some of the emails rely on fear, claiming that the reader would be fined if they do not respond.
Google notes that Gmail continues to block over 99.9% of spam, phishing, and malware, and that it has proactive monitoring in place for COVID-19-related malware and phishing. Many of the threats, however, are not new, but old campaigns repurposed to exploit the COVID-19 crisis.
Earlier this year, the company introduced a deep-learning-based malware scanner that scans more than 300 billion documents every week, and which has already improved the detection of malicious scripts by over 10%.
“These protections, newly developed and already existing, have allowed us to react quickly and effectively to COVID-19-related threats, and will allow us to adapt quickly to new ones. Additionally, as we uncover threats, we assimilate them into our Safe Browsing infrastructure so that anyone using the Safe Browsing APIs can automatically stop them,” Google notes.