Google is adapting its machine-learning models for Gmail security to battle scammers, cybercriminals, and state-sponsored hackers exploiting fear over the COVID-19 coronavirus pandemic in phishing email attacks.
The company says it blocked 18 million COVID-19 themed phishing emails last week. The blocked COVID-19 phishing emails targeting Gmail users would represent about 2.5% of the 100 million phishing emails Google said in 2019 it blocks daily. Google is also blocking 240 million COVID-related daily spam messages each day.
"We have put proactive monitoring in place for COVID-19-related malware and phishing across our systems and workflows. In many cases, these threats are not new – rather, they're existing malware campaigns that have simply been updated to exploit the heightened attention on COVID-19," Google said in a blogpost by Neil Kumaran, a product manager for Gmail Security, and Sam Lugani, a lead Security product marketing manager for G Suite and the GCP platform.
The examples Google highlights are phishing email impersonating the World Health Organization (WHO) to dupe victims into donating to a fraudulent account or to distribute malware.
This tactic lines up with reports from Microsoft's threat-intelligence teams, which found that coronavirus-themed attack email from scammers and cybercriminals have just been repurposed from older attacks.
However, Google has temporarily suspended enrollments for users who attempt to join the program with a phone's built-in security key due to changes forced on it by the pandemic. Users with physical security keys can still enroll.
"While you can still enroll with two physical security keys, we are temporarily suspending enrollment with your phone's built-in security key. If you are interested in enrolling with your phone's built-in security key, join our waitlist."
Google notes that G Suite's advanced phishing and malware controls are turned on by default, ensuring that all G Suite users automatically have these proactive protections in place.