Tech giant Google reported that they saw 18 million daily malware and phishing emails related to the coronavirus disease 2019 (COVID-19) in the past week. The latest figure is apart from the more than 240 million COVID-19-related daily spam messages that their system intercepted each day.
In a blog post, Google said that the phishing attacks and scams they are seeing use both fear and financial incentives to create urgency to try to prompt users to respond.
Among the examples Google cited as phishing attacks and scams include impersonating authoritative government organizations such as the World Health Organization (WHO) in a bid to solicit fraudulent donations or distribute malware. Some emails attempt to imitate government institutions to phish small business while others target employees in a work-from-home setting.
The company said that their machine learning models continuously block more than 99.9% of spam, phishing, and malware from reaching their users. Apart from this, Google said that it worked with WHO on the accelerated implementation of DMARC (Domain-based Message Authentication, Reporting, and Conformance) in order to make it harder for scammers to impersonate the who.int domain. This means that malicious emails will be prevented from reaching users’ inbox while legitimate emails will get through.
Google said that some of these threats are not new but existing malware campaigns that have been updated to take advantage of the COVID-19 situation. In spite of this, the company said that they have put proactive monitoring for COVID-19-related malware and phishing across their systems and workflows.
Last February, Google reported that they were blocking around 100 million additional spam messages every day.
“Using TensorFlow has helped us block image-based messages, emails with hidden embedded content, and messages from newly created domains that try to hide a low volume of spammy messages within legitimate traffic,” Google said.