Google on Friday said it saw 18 million daily malware and phishing emails related to COVID-19 last week, revealing how the bad actors are working overtime to target people working from home and facing other restrictions due to the pandemic. This is in addition to more than 240 million COVID-related daily spam messages, Google said in a blog post.
Google said that it continues to block more than 99.9 percent of spam, phishing, and malware from reaching its users as the company's machine learning models have evolved to understand and filter these threats. The phishing attacks and scams that Google is seeing daily use both fear and financial incentives to create urgency to try to prompt users to respond. Scamsters sometimes impersonate authoritative government organisations like the World Health Organization (WHO) to solicit fraudulent donations or distribute malware.
This includes mechanisms to distribute downloadable files that can install backdoors, Google said. "In addition to blocking these emails, we worked with the WHO to clarify the importance of an accelerated implementation of DMARC (Domain-based Message Authentication, Reporting, and Conformance) and highlighted the necessity of email authentication to improve security," Gmail Security Product Manager, Neil Kumaran, and Lead Security PMM, G Suite & GCP platform Sam Lugani wrote in the blog post.
"DMARC makes it harder for bad actors to impersonate the who.int domain, thereby preventing malicious emails from reaching the recipient's inbox, while making sure legitimate communication gets through," they added.
Sometimes scamsters attempt to capitalise on government stimulus packages and imitate government institutions to phish small businesses, Google said. Google said it has put proactive monitoring in place for COVID-19-related malware and phishing across its systems and workflows. In many cases, these threats are not new -- rather, they are existing malware campaigns that have simply been updated to exploit the heightened attention on COVID-19, the company said. Suggesting best practices, Google said people should avoid downloading files that they do not recognise. They can use Gmail's built-in document preview It is also recommended to check the integrity of URLs before providing login credentials or clicking a link. Fake URLs generally imitate real URLs and include additional words or domains, Google said.