Google warns of spike in coronavirus phishing emails

About £2 million is said to have been lost to coronavirus-related fraud in the UK alone

Google has issued a warning to users working from home during the lockdown about a rise in the number of coronavirus-based phishing attacks, many of which are being sent as emails.

The company stated Gmail blocks over 100 million phishing emails on a daily basis, but added that, as of last week, 18 million of these were now related to COVID-19.

Google assured users that their ML models have evolved to understand and filter these cyber threats and that they are capable of blocking over 99.9% of spam, phishing, and malware from reaching Gmail users. Emails suspected to be threatening are highlighted with a red banner warning the user that “this message seems dangerous”.

However, product manager at Gmail Security, Neil Kumaran, and lead security PMM for G Suite & CP platform, Sam Lugani, warned in the report that users still need to be on guard, particularly as some phishing attacks will attempt to pose as colleagues from other departments within their company.

“We have put proactive monitoring in place for COVID-19-related malware and phishing across our systems and workflows,” they wrote. “In many cases, these threats are not new – rather, they’re existing malware campaigns that have simply been updated to exploit the heightened attention on COVID-19.”

The examples include phishing emails that target WFH employees, small businesses, as well as organisations impacted by the government-induced lockdown. The senders often impersonate authoritative government organizations like the World Health Organization, company clients, and even admin departments.

According to the BBC, about £2 million has been lost to coronavirus-related fraud in the UK. The National Cyber Security Centre (NCSC) has warned that “an increasing number of malicious cyber actors are exploiting the current COVID-19 pandemic for their own objectives".

"In the UK, the NCSC has detected more UK government branded scams relating to COVID-19 than any other subject," the report added.

Last week, NCSC director of operations Paul Chichester advised “the public and organisations (...) to remain vigilant and follow our guidance, and to only use trusted sources of information on the virus such as UK Government, Public Health England or NHS websites”.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Most Popular

Should IT departments call time on WhatsApp?
communications

Should IT departments call time on WhatsApp?

15 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021