Image via Adobe Stock
Coronavirus-themed phishing lures are still on the rise but most are being stopped before they reach your inbox. Here is everything you need to know.
Cyber criminals are tailoring coronavirus-related phishing and malware attacks to make them more effective at targeting victims.
Attackers are distributing messages with coronavirus-related subject lines to lure users into opening them. The email claims the recipient has requested to deactivate their account and tells them to click a link within 24 hours to stop it happening. This link is designed to harvest data.
Google Cloud has detailed how the past month has seen the emergence of regional hotspots for COVID-19-related cyber attacks, with the UK, India and Brazil all seeing a rise in malware, phishing and spam campaigns looking to exploit fears over the virus.
In each case, the attacks and scams are using regionally relevant lures such as supposed government advice in an effort to reel victims in. One example targeting people in the UK masquerades as an email from the Small Business Grant fund, a government initiative to help small businesses get through the coronavirus.
These attacks, which often involve a malicious file or phishing link, are designed to trick the victim into giving up personal information, as well as financial details. Meanwhile, campaigns targeting Brazil are preying on financial fears and the rise of streaming services, while attacks in India are focused around back-to-work and health schemes.
Google notes that 99.9% of spam campaigns claiming to be from governments or Google are automatically blocked by filters.
The company said it has put proactive monitoring in place for COVID-19-related malware and phishing across its systems and workflows. In many cases these threats are not new, as they are using existing malware campaigns that have simply been updated to exploit the heightened attention on the pandemic.
Google said its AI-based security systems are also able to pick up new trends and novel attacks automatically.
Sam Lugani, lead security for G Suite and Google Cloud Platform, said, “Google’s security protects user accounts against incoming messages from domains that appear visually similar or use visually similar elements to established domains.”
“We also leverage authentication signals, such as DMARC policies that brands have defined, as well as other security signals from Safe Browsing to determine the safety level of every email that our users receive,” he added.
Google last month said it was seeing 18 million malware and phishing emails a day, along with 240 million messages specifically using the pandemic as a lure.
The ability to stop hundreds of millions of malicious messages even being sent via Gmail and other Google Cloud products forms part of what the company describes as a “safe by default” strategy that looks at signals in attachments, links, external images, and more, in an effort to block new and evolving threats.
The vast majority of threats are detected and stopped, but the sheer number of attacks and the way they are constantly managing to avoid detection mean that inevitably some will slip through.
But there are measures users can take to help stay safe, starting with avoiding downloading files that you don’t recognise and checking to see if a URL in an email looks like it could be suspicious. Users should also turn on two-factor authentication. If someone does manage to get hold of account credentials, there is an extra barrier to stop the account being abused.