The sudden outbreak of the coronavirus has led to the creation of mass hysteria among people worldwide, a situation which greatly benefits all kinds of cybercriminals and scammers. Now, while the outbreak is still very much active, a new breed of COVID-19 scams are being observed to be surfacing online in huge numbers!
Google, the tech giant, has recently reported that last week they have blocked a whopping 18 million COVID-19 themed phishing emails. They mentioned that among the 100 million phishing attacks of all kinds that the company blocks every day, these COVID-19 themed emails seemed to represent 2.5% of them. Also, they said that they are now blocking a humongous 240 million spam messages which are related to the outbreak.
Phishing is a type of online social engineering attack which is often used to steal user data which includes login credentials and credit card numbers. It mostly occurs when an attacker, masquerades as a trusted entity and dupes the victim into opening an email, instant message, or text message.
The surge in these outbreaks themed phishing emails and spam messages have now forced these tech giants such as Google and Microsoft to change or adjust their product strategies. It eventually helps them to safeguard their users from any possible harm due to any kind of cyberattacks.
Even though the overall phishing attack attempts in terms of volume remains the same, it looks like attackers now are simply using this current situation by tweaking their messaging to make their attacks into a better mousetrap!
In a log post, Neil Kumaran who is the Product Manager for Gmail Security and Sam Lugani who is the Lead Security Product Marketing Manager for G Suite and the GCP platform, have collectively mentioned that the company is actively monitoring for COVID-19-related malware and phishing attacks throughout their system and workflows.
Google has highlighted that many phishing emails are now impersonating the World Health Organisation aka WHO to dupe victims into fraudulently making deposits to different bank accounts for the sake of donation.
On the other hand, the threat-intelligence teams of Microsoft in their reports have also found phishing attacks with the same tactics wherein attackers are simply repurposing their emails to include the current situation but keeping the pattern of their attacks the same.
Rob Lefferts who is the Corporate Vice President of Microsoft 365 Security also mentioned that they are surely observing a change in the messaging of these attacks but not a surge in them.
Also, for all health workers and humanitarian organizations across the globe to battle with these phishing attacks, this week Microsoft has now made their AccountGuard available to them for absolutely no cost.
Safeguarding Against Phishing Attack
While the tech giants such as Google and Microsoft are doing their bit to identify and stop these phishing attacks, there might still be some instances wherein one or two emails might just slip past their system.
Therefore, it’s important for users as well to deploy precautionary measures to stay protected from such hackers.
The most important tactic that users need to know is how to identify a phishing attack and safeguard themselves. You should never open any email or other kind of messages from an unknown source. On the off chance that you do open them, it is important to read through it and understand if it wants you to open any links or is it trying to lead you into giving them money. If so, that is alarming and you must abort the process immediately, mark it as spam and delete it. This will ensure you are safe from such attacks.