April 17, 2020

Gmail sees millions of phishing attacks every day – here’s how to stay safe

By Tech Online Things

Google has announced that it blocked millions of phishing emails from reaching Gmail users as cybercriminals continue to leverage the coronavirus outbreak in their online scams and attacks.

In the last week alone, the search giant observed 18m daily malware and phishing emails related to Covid-19 in addition to more than 240m coronavirus-related daily spam messages, according to a new blog post from the Google Cloud.

Google’s machine learning models have evolved to understand filter these threats so they don’t end up in users’ inboxes and the company continues to block more than 99.9 percent of spam, phishing and malware from reaching its users.

Of the many phishing attacks and scams the company has observed, many employ both fear and financial incentives to create a sense of urgency in order to trick users into responding. Some examples include cybercriminals impersonating government organizations such as the WHO, attempts to capitalize on government stimulus packages and messages that target those working from home during the global pandemic.

Proactive capabilities

To help prevent users from falling victim to these scams, Google has put proactive monitoring in place for coronavirus-related malware and phishing across its systems and workflows. However, in many cases, these threats are not new but consist of existing malware campaigns that have been updated to exploit the heightened attention on Covid-19.

As soon as Google identifies a threat, it is added to the company’s Safe Browsing API which protects users in Chrome, Gmail and all of the company’s other integrated products. Safe Browsing helps protect over four billion devices every day by showing warnings to users when they navigate to unsafe sites or download dangerous files.

In G Suite, advanced phishing and malware controls are turned on by default to ensure that business users automatically have these proactive protections in place. These controls route malicious emails to quarantine, identify emails with unusual attachment types, identify unauthenticated emails, protect against malicious documents, scan linked images and identify links behind shortened URLs and more to help keep users protected without interfering with their workflow.

To prevent falling victim to coronavirus email scams, Google recommends that users complete a Security Checkup, avoid downloading files from unknown senders, check the integrity of URLs before clicking on them, avoid phishing emails and consider enrolling in its Advanced Protection Program.

While cybersecurity should never be taken for granted, all users should remain extra vigilant for online threats during this difficult time.