18M plus COVID-19-themed phishing emails get blocked with a malware scanner
Google says, they have built a malware scanners with the help of which they managed to block around 18 million phishing and malware emails using COVID-19 lures within the last week. According to them, this scanner is built within the Gmail free service that helps in detect and block 99.9% of such phishing, scam and malware sent to the recipients.
Gmail Security PM Neil Kumaran and G Suite & GCP Lead Security PM Sam Lugani explain, “Every day, Gmail blocks more than 100 million phishing emails. During the last week, we saw 18 million daily malware and phishing emails related to COVID-19. This is in addition to more than 240 million COVID-related daily spam messages.”
As per the Google, so far, the attackers through the phishing attackers try to impersonate the government organizations such as “WHO”, Solicit fraudulent donations or distribute malware. These people phish employees operating in a work-from-home setting and also capitalize on government stimulus packages and imitate government institutions to phish small business. They target the organizations impacted by stay at home orders, as well.
Google explains, “We have put proactive monitoring in place for COVID-19-related malware and phishing across our systems and workflows. In many cases, these threats are not new—rather, they’re existing malware campaigns that have simply been updated to exploit the heightened attention on COVID-19. As soon as we identify a threat, we add it to the Safe Browsing API, which protects users in Chrome, Gmail, and all other integrated products.Safe Browsing helps protect over four billion devices every day by showing warnings to users when they attempt to navigate to dangerous sites or download dangerous files.”
Microsoft also said the last week that, however, the coronavirus themed attacks has not increased the start of 2020, but the threat actors repurposed infrastructure used in other attack to re-theme their campaigns to create public tension caused due to COVID-19 pandemic.
For the mitigation purpose, the G Suite admin can implement a series of Google recommended defences. While, for the users, Google highlights the following points:
- Complete a Security Checkups that improve your account security
- Use Gmail’s built-in document preview and avoid any unrecognized files
- Firstly check the integrity of the device before providing login credentials or clicking a link
- Do not click on any phishing emails. Better, if you report about it
- Consider about enrolling Google’s Advanced Protection Program (APP)
For the businesses, G Suite tool come with multiple advanced phishing and malware controls enabled by default. These built-in tools identify and prevent coronavirus-themed threats from reaching to the users’ inbox. They can:
- Route the emails matching with any phishing and malware controls to a new or existing quarantine
- Identity that emails having unusual attachments and display warning about it automatically
- Identity any unauthenticated e mails that are trying to spoof your domains
- Protect against any attached files or documents having malicious scripts
- Scan linked images and identity links behind shortened URLs