COVID-19 Phishing Lures Explode – Google Blocks 18M in 7 Days

Bad people are feeding off our fears by using COVID-19 novel-coronavirus themes in their phishing campaigns. I suppose we shouldn’t be surprised.

Whether they’re pretending to be the government with a handout or the WHO asking for one, it’s all in a day’s work for these email fraudsters. Both Google and Microsoft are seeing similar shifts in malicious behavior.

Warm up your spam filters. In today’s SB Blogwatch, we reel ’em in.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: #HowWeReopen.


Phlatten the Curve

What’s the craic? Sergiu Gatlan reports—“Gmail blocked 18M COVID-19-themed phishing emails in a week”:

 Google says that … Gmail’s ML models now are sufficiently advanced to [be] capable of blocking over 99.9% of all spam, phishing, and malware. … Attackers behind these phishing campaigns … have been using both financial and fear-inducing baits to make their targets respond to their requests.

Microsoft also said last week that the volume of coronavirus-themed attacks hasn’t increased since the start of 2020 but, rather, threat actors have repurposed infrastructure used in other attacks and rethemed their attack campaigns. … In a single day, Redmond’s SmartScreen sees and processes over 18,000 malicious COVID-19-themed URLs and IP addresses.

And Paul Kunert adds—“bad actors feed on people’s fear”:

 Google said its malware scanner uses deep-learning tech to detect malware on 300 billion attachments each week, and 63 per cent of dodgy docs blocked by Gmail are different from day to day. … That still means that 258,000 COVID-19 themed spams and phishing emails did in fact land in people’s inboxes each day.

The guidance dished out by Google today includes basic common-sense hygiene: run a security checkup; don’t download stuff you don’t recognise; check the integrity of URLs before providing login creds or clicking a link; avoid and report phishing emails; and, unsurprisingly, consider signing up to [Google’s] Advanced Protection Programme.

Hard to stomach? Here’s Steven “meta” Musil: [You’re fired—Ed.]

 Some of the emails impersonate government agencies such as the World Health Organization to try to solicit fraudulent donations or install malware. Some target small businesses with scams related to economic stimulus packages, while others masquerade as companies as they try to steal personal information from people working from home.

This is business as usual for hackers, who often use current events to trick their victims, whether it’s apps that promise you free access to Oscar-nominated movies or scams that scoop up your tax refund.

From the horse’s mouth, it’s Google’s Neil Kumaran and Sam Lugani—“Protecting businesses against cyber threats”:

 Phishing is still one of the most effective methods that attackers use to compromise accounts and gain access to company data and resources. … Bad actors are creating new attacks and scams every day.

In many cases, these threats are not new—rather, they’re existing malware campaigns that have simply been updated to exploit the heightened attention on COVID-19.

Here come the inevitable Gmail complaints. For example, from kackle:

 Lately, it’s been blocking my legit email. … I wouldn’t mind if I ended up in my friends’ spam folder or something, but the emails are just not getting there, no warnings, no nothing.

I understand what people mean when they say Google is getting too big.

18 million is a lot. But SimonF calls it “Pointless”:

 The number that matters is: How many have they let through?

Meanwhile, h33t l4x0r has 419 problems, but the phish ain’t one:

 Nigerian prince here. I find these coronavirus scammers to be despicable. Please send me your bank account information so I can send you $100 million to combat these terrible people.

And Finally:

A bipartisan, in-depth plan to reopen the economy #HowWeReopen



You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or sbbw@richi.uk. Ask your doctor before reading. Your mileage may vary. E&OE.

Image source: Johannes Plenio (cc:by)


Richi Jennings

Richi is a foolish independent industry analyst, editor, writer, and fan of the Oxford comma. He’s previously written or edited for Computerworld, Petri, Microsoft, HP, Cyren, Webroot, Micro Focus, Osterman Research, Ferris Research, NetApp on Forbes and CIO.com. His work has won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.
