Google Blocks 18 Million Malware and Phishing Attacks Daily
April 24, 2020
In this previous week, Google has reported that it is blocking more than 18 million daily malware and phishing attacks based on the COVID-19 pandemic for over a week. Additionally, Google has also reported that it is blocking another 240 million spam messages that are initiated from Gmail accounts that are preying on people's fears of the coronavirus as well as financial concerns during these times. While Google has been playing a significant role in deterring these attacks the FBI has warned that there has been a significant spike of cyber-attacks related to COVID-19.
The attacks target individuals by impersonating government and world organizations to lure in people to these attacks. Some of these emails try to solicit fraudulent donations for COVID-19 relief, information about small business loans, stimulus package information, and other related topics. The majority of malware (94%) is delivered by email exchange. Once the malware has infected a user’s computer it opens up access for attackers to remotely access a computer. This could be done in a way that allows the attacker to utilize the compromised computer as a bot to further their phishing/malware campaigns or to extract sensitive information from a user’s computer.
On April 22nd it was reported by RiskIQ that a number of unknown activists posted nearly 25,000 email addresses and passwords from personnel from World Health Organization, Gates Foundation, and many other agencies working on the COVID-19 threat based on initial reporting form the SITE Intelligence Group. These email addresses and passwords are likely from the phishing campaigns. However, with this information available a cybercriminal could attack a company appearing as legitimate traffic. This type of attack could result in thousands of files stolen, sensitive information attained, and much more and not be noticed easily.
These attacks are focusing more on the millions of people working from home. These attacks are allowing cybercriminals access to home networks and thereby also gaining access to highly sensitive corporate data from the influx of work from home staff.
The increase in cyber-attacks are ranging from individuals to organized cyber gangs and even state sponsors actors. However, despite the high number of attacks anyone using a computer or networked device (which is almost everyone at this point), it is highly important to be aware of suspicious emails or websites.
RiskIQ recently reported that over 10,000 new coronavirus domains were being opened daily with March 16th showing the highest number of 35,000 in a single day. Cybercriminals will do what cybercriminals do and that is to capitalize on the crisis to find a way to exploit a person’s good nature or fears to give the cybercriminals the highest reward. This could result in personal identification information that could be later used for additional attacks. Alternatively, these attacks could cause ransomware to be loaded on sensitive networks costing companies millions in losses in recovering the services as well as any revenue lost during the incident.
Emails can look very convincing and real however a close eye can identify common signs of fraud. Thing such as government-related emails that are coming from a “.com” email address, or emails asking to login to a specific account from the email itself, and a long list of other common issues.