How Google Cloud users can combat coronavirus-themed phishing emails

Google is striving to block Gmail messages and other content that exploit COVID-19, but there are steps users can take to fight such malware.

How Google Cloud users can combat coronavirus-themed phishing emails

Cybercriminals have been exploiting the coronavirus outbreak to deploy virus-themed malware in hopes of ensnaring people curious or anxious about the disease. That's especially true with phishing emails, which often promise information and updates about COVID-19 but instead lead people to malicious content. The popularity of Google Cloud services such as G Suite, Gmail, and Chrome have made their users tempting targets for malware. In a blog post published on Thursday, Google explained what it's doing to try to fight cyberattacks and what users can do to protect themselves as well.

SEE: Coronavirus: Critical IT policies and tools every business needs (TechRepublic Premium) 

Gmail blocks more than 100 million phishing emails every day, according to Google. Over the past week, the service was hit with 18 million pieces of malware and phishing emails related to COVID-19. On a daily basis, more than 240 million coronavirus-themed spam messages are sent to Gmail users. That torrent has helped Google's machine learning technology to better detect these threats. At this point, 99.9% of all spam, phishing, and other malicious messages are stopped before they reach the inboxes of Gmail users, Google said.

In one type of virus-related phishing campaign, cybercriminals masquerade as groups such as the World Health Organization (WHO) to request fraudulent donations or deploy malware. In the examples cited by Google, one email targets people working from home, another mentions government stimulus packages for small business, and a third is aimed at organizations following orders to stay at home.

To try to block these phishing emails, Google said it worked with the WHO to better implement DMARC (Domain-based Message Authentication, Reporting, and Conformance), which makes it more difficult for attackers to impersonate the legitimate who.int domain.

Google also explained the specific steps it's taking to block coronavirus-related malware and phishing attempts. Any identified threat is incorporated into Google's Safe Browsing API for Gmail, Chrome, and other products. Safe Browsing warns users when they try to open a malicious site or download dangerous files. For G Suite users, advanced phishing and malware controls are automatically enabled. In short, these controls look for suspicious emails and then display a warning message, send them to spam, or quarantine them. 

coronavirus-themed-phishing-email-google.png

Image: Google

Though Google is doing what it can to block malicious emails and other content, organizations and users also have to take certain precautions. G Suite administrations should review Google-recommended defenses on advanced phishing and malware protection page and consider enabling the security sandbox. Individuals should weigh the following recommendations:

  • Complete a Security Checkup to improve your account security.
  • Avoid downloading files you don't recognize. Instead, use Gmail's built-in document preview.
  • Check the integrity of URLs before providing login credentials or clicking a link. Fake URLs generally imitate real URLs and include additional words or domains.
  • Avoid and report phishing emails.
  • Consider enrolling in Google's Advanced Protection Program. Google said it has yet to see anyone who participates in the program be successfully phished, even if they're repeatedly targeted.

Also see

View on a medical mask on an open laptop pc.

Image: Getty Images/iStockphoto