According to Google, scammers are sending 18 million hoax emails about coronavirus to Gmail users every day.
Google says criminals are taking advantage of the global pandemic by launching phishing attacks, trying to trick users into sharing their personal data.
Over the past week, almost a fifth of the emails were scams related to COVID-19. Google is reportedly blocking more than 100 million phishing emails a day.
With over 1.5 billion people using Gmail, coronavirus is now the biggest phishing topic ever.
Gmail users are being sent a variety of emails where criminals are impersonating authorities such as the World Health Organisation (WHO) in an effort to trick them into downloading software or donate to scam causes.
Public institutions are also being impersonated in an attempt to capitalise on government support packages.
Google assures however that its machine-learning tools are able to block more than 99.9% of the emails.
The growth in phishing has also caught the attention of several cyber security companies. For example, Barracuda Networks report a 667% increase in malicious phishing emails.
Scammers are going as far as impersonating the President of the United States Donald Trump.
“Phishing attacks always share the common trait of inciting or depending on an emotion that causes us to act more hastily or think less about our actions at that moment in time,” said independent security researcher Scott Helme.
“The coronavirus pandemic is a highly emotional topic right now and cyber-criminals clearly know this. They’re hoping that the typical person might be more inclined to click through links or follow bad instructions if they use this lure,” Helme added.
The threat is not just limited to emails. Researchers have found that scammers are using malicious websites and smartphone applications to trick users.
For example, one Android app claims to help track the spread of the virus, but instead infects the phone with ransomware and demands payment to restore the device.
The National Cyber Security Centre and the US Department of Homeland Security issued a joint advisory claiming that they have seen “an increasing number of malicious cyber-actors” that were “exploiting the current Covid-19 pandemic for their own objectives.”
PNN