Cybercriminals have made a concerted effort to exploit the coronavirus and target potential victims through phishing emails, malicious apps, phony websites, and other types of malware. This trend has forced email providers and other companies to devise ways to combat and block such threats. A blog post published Wednesday by Google explains what the company is doing to fight coronavirus-related attacks and what users can do to protect themselves as well.
SEE: COVID-19: A guide and checklist for restarting your business (TechRepublic Premium)
Implementing proactive monitoring for COVID-19-related malware and phishing emails, Google said that most of the observed threats are not new but are simply repackaged malicious campaigns designed to exploit all the attention on the coronavirus. Using artificial intelligence (AI), the protection set up by Google automatically tries to detect new trends and attacks. As one example, the company’s deep-learning-based malware scanner scans more than 300 billion documents each week, helping to increase the detection of malicious scripts by more than 10%.
New threats are incorporated into Google’s Safe Browsing APIs to automatically stop them. The Safe Browsing protection is baked into several of the company’s products, including Google Search, Chrome, Gmail, and Android, and is used by a range of organizations.
Further, Google’s G Suite application includes advanced phishing and malware controls that are turned on automatically. These controls scan for certain security clues from file attachments, links, external images, and other content in an effort to stop threats, both new and evolving.
SEE: Coronavirus: Critical IT policies and tools every business needs (TechRepublic Premium)
Looking across the world, Google has spotted an increase in coronavirus-related malware, phishing messages, and scams in India, Brazil, and the UK in particular. These threats exploit local and regional topics and trends to entice users to take the bait.
India has witnessed a rise in scams that target Aarogya Setu, an initiative set up by the Indian government to connect citizens with essential health services. As businesses and workplaces start to reopen in India, there’s also been an increase in attacks that spoof COVID-19 symptom tracking. And as more Indian citizens look to buy health insurance, the country is seeing more scams that target insurance companies.
In Brazil, streaming services have become quite popular, triggering more phishing attacks targeting such services. Another scam involving credit cards and bank accounts threatens the user with a fine if they don’t respond.
In the UK, the government has unveiled steps to help businesses through the COVID-19 pandemic, which has prompted scammers to impersonate government institutions in an attempt to gain personal information. In some cases, the attackers try to spoof Google as well. But such attacks are automatically blocked, according to Google.
Though Google is striving to combat these coronavirus-related scams and attacks, users of the company’s apps and services also need to take steps to protect themselves. As such, Google offers the following tips:
- Take the Security Checkup. This step-by-step tool offers personalized and actionable security recommendations and can help you strengthen the security of your Google account.
- Avoid downloading files that you don’t recognize. Instead, use Gmail’s built-in document preview.
- Check the integrity of URLs before providing login credentials or clicking a link. Fake URLs generally imitate real ones and include additional words or domains.
- Report phishing emails.
- Turn on 2-step verification to help prevent account takeovers, even in cases where someone obtains your password.
- Consider enrolling in Google’s Advanced Protection Program (APP). People who’ve used this feature have yet to be successfully phished, even if they’re repeatedly targeted, according to Google.
- Be thoughtful about sharing personal information such as passwords, bank account details, or credit card numbers, and even your birthday.