Google Blocks Over 18 Million Coronavirus Phishing Emails on Gmail Each Day

google block covid19 phishing spam

Coronavirus has affected all of us. Living through this pandemic has led to an array of adjustments and a new outlook on social responsibility.

Cybercrooks, on the other hand, look at Coronavirus as nothing more than a cash cow. Instead of doing their best to help, these online scammers have decided to profit off of people's fear and naivety. They've readjusted all their shams and sprinkled COVID-19 thematics on top. Malvertising campaigns now revolve mainly around Coronavirus – tips, instructions, concerns, anything and everything that would get you to click. They impersonate the World Health Organization (WHO) and the Centers for Disease Control and Prevention (CDC), government officials, medical suppliers, and so on. Their greed knows no bounds.

In these trying times, these crooks choose to prey on people's uncertainty and make money off of it. And, Google has been fighting their malicious efforts. Well, to the extent of their ability.

More Than 18 Million Coronavirus-Related Malware and Phishing Emails Get Sent Daily!

Google has stepped up and blocked over 18 million Coronavirus-related phishing emails, hiding malware. That number may seem staggering, but it only encompasses the emails sent out in a single day. A day! The company reported each day for a week, over 18 million Coronavirus scam emails had gotten sent out. To reiterate, these are numbers for a single week. That means that scammers send out at least 126 million COVID-19 scam emails a week. Bear in mind that these are figures on top of the more than 240 million daily spam messages that relate to Coronavirus. When you do the math on all of them, the result is nothing less than mind-boggling.

Google's move is a gravely needed one in general, but especially now, in this time of crisis, when so many cybercriminals take advantage of the COVID-19 pandemic.

The company reports that its artificial intelligence-powered protections filter blocks over 99.9% of spam, phishing, and malware from getting to users' inboxes. Google also put their AI into work on making some important distinctions between an actual important Coronavirus-related email, and a sham one sent by scammers. The company collaborated with WHO on implementing DMARC, short for Domain-based Message Authentication, Reporting, and Conformance. That stumps scammers from impersonating the who.int domain, therefore preventing the spread of valuable information. It also ensures that WHO's emails will not get caught in the spam filters.

Spam Is a Problem That's Not Going Anywhere but Is Getting Worse.

Let's look at some stats from years passed. In 2018, researchers established that 45% of all emails sent and received, turn out to be spam.

A breakdown of the statistics of all emails. Source: assets.website-files.com

That's not only a grave annoyance but a costly one, as well. The cost of spam continues to rise, and businesses pay the price for it.

In 2018 spam cost businesses an astounding $20.5 billion. Source: assets.website-files.com

If we go back in time a little more, we discover that experts estimated, in 2016, one out of every four companies fell victim to phishing scams.

Figure 3
Phishing scams had a 25% success rate in 2016. Source: assets.website-files.com

Numbers, Numbers, Numbers.

With scammers, it's a game of numbers. They flood the system with their malvertising campaigns, and try to overwhelm it enough to have at least some of their emails slip through the cracks, and reach their targets. As established with the numbers explained above, even 'some' is quite a substantial sum of people.

Phishing attacks prey on people's fear and gullibility. The scammers, behind them, aren't shy about using all manner of tactics to get your click. They use financial incentives, lust, need for information, anything it takes to dupe you into clicking. These people do their best to manufacture urgency, so you not only click but do it NOW!

The Coronavirus pandemic offered these malicious individuals the perfect tool. Most people remain starved for information, no matter how much news they consume daily, it's just not enough. They want more – from WHO, the CDC, government officials, friends, family. That want creates a best-case environment for scammers, and they impersonate reputable institutions or people, spoof legitimate email addresses, and fill their emails with supposed 'crucial' information. They attach a malicious file and mask it as a must-see document in the hopes that you'll download and open it.

A recent case showed a scammer pretending to be an affiliate to the employer of the person who got the email. You can see an image of the sham email below.

Figure 4
Bogus email posing as a legitimate one. Source: cdn.vox-cdn.com

There have also been a lot of cybercrooks trying to solicit donations from people on the premise that their funding supports global response efforts.

Figure 5
Fraudulent donation request by a scammer. Source: mspoweruser.com

Some crooks claim to give out stimulus checks, as the image below clearly shows.

Figure 6
Dubious payment request by a scammer. Source: mspoweruser.com

If you wish to avoid getting baited into falling for cybercriminals' tricks, be wary! Exercise caution when going through your inbox. Don't open emails from unknown sources. If you don't recognize the sender, don't bother clicking it. Verify names and URLs if you get asked to open or download anything, or provide any manner of private details. Do not follow instructions in blind faith. Disregard naivety, and turn to vigilance. After all, it's better to be safe than sorry.

April 30, 2020

Leave a Reply