Google warns of spike in coronavirus phishing emails

An @ sign on a fish hook

Google has issued a warning to users working from home during the lockdown about a rise in the number of coronavirus-based phishing attacks, many of which are being sent as emails.

The company stated Gmail blocks over 100 million phishing emails on a daily basis, but added that, as of last week, 18 million of these were now related to COVID-19.

Google assured users that their ML models have evolved to understand and filter these cyber threats and that they are capable of blocking over 99.9% of spam, phishing, and malware from reaching Gmail users. Emails suspected to be threatening are highlighted with a red banner warning the user that “this message seems dangerous”.

However, product manager at Gmail Security, Neil Kumaran, and lead security PMM for G Suite & CP platform, Sam Lugani, warned in the report that users still need to be on guard, particularly as some phishing attacks will attempt to pose as colleagues from other departments within their company.

“We have put proactive monitoring in place for COVID-19-related malware and phishing across our systems and workflows,” they wrote. “In many cases, these threats are not new – rather, they’re existing malware campaigns that have simply been updated to exploit the heightened attention on COVID-19.”

The examples include phishing emails that target WFH employees, small businesses, as well as organisations impacted by the government-induced lockdown. The senders often impersonate authoritative government organizations like the World Health Organization, company clients, and even admin departments.

According to the BBC, about £2 million has been lost to coronavirus-related fraud in the UK. The National Cyber Security Centre (NCSC) has warned that “an increasing number of malicious cyber actors are exploiting the current COVID-19 pandemic for their own objectives".

"In the UK, the NCSC has detected more UK government branded scams relating to COVID-19 than any other subject," the report added.

Last week, NCSC director of operations Paul Chichester advised “the public and organisations (...) to remain vigilant and follow our guidance, and to only use trusted sources of information on the virus such as UK Government, Public Health England or NHS websites”.

Sabina Weston

Having only graduated from City University in 2019, Sabina has already demonstrated her abilities as a keen writer and effective journalist. Currently a content writer for Drapers, Sabina spent a number of years writing for ITPro, specialising in networking and telecommunications, as well as charting the efforts of technology companies to improve their inclusion and diversity strategies, a topic close to her heart.

Sabina has also held a number of editorial roles at Harper's Bazaar, Cube Collective, and HighClouds.