In the past week, Google detected more than 18 million COVID-19 malware and phishing emails sent daily.
The Internet giant receives more than 240 million daily spam messages linked to COVID-19. Gmail blocks 100 million phishing emails every day.
Last week Microsoft said it saw some 60,000 COVID-19 lures in regular phishing emails, but they represented less than 2% of the overall phishing attempts.
Several threats actors have adopted the new COVID-19 email pandemic to trick users into opening passwords, installing malware, or transferring money to attacker-controlled accounts.
“The phishing attacks and scams we’re seeing use both fear and financial incentives to create urgency to try to prompt users to respond,” Google says.
Some attacks observed by the company, attempt to impersonate authoritative government organizations, like the World Health Organization (WHO), to ask for fraudulent donations or to distribute malware.
Other malicious emails target employees operating in a work-from-home setting or attempt to phish small businesses by making reference to government stimulus packages and imitating government institutions.
Google said it “put proactive monitoring in place for COVID-19-related malware and phishing,” while also noting that most of these threats are not new, but rather updated to fit the current trend.
“As soon as we identify a threat, we add it to the Safe Browsing API, which protects users in Chrome, Gmail, and all other integrated products. Safe Browsing helps protect over four billion devices every day by showing warnings to users when they attempt to navigate to dangerous sites or download dangerous files,” the Internet giant says.
