Since the outbreak of COVID-19, there has been a significant increase in cyberattacks. During the past couple of weeks, even Google's advanced machine-learning classifiers have globally seen 18 million daily malware and phishing attempts related to COVID-19, in addition to more than 240 million COVID-related spam messages.
The Google Threat Analysis Group continuously monitors sophisticated hacking activity, and their security systems have detected a range of new scams such as phishing emails posing as messages from charities and NGOs battling COVID-19, directions from "administrators" to employees working from home, and even notices spoofing healthcare providers. Addressing these issues, Google has rolled out a new website (https://safety.google/securitytips-covid19/) that will educate people about coronavirus-related security risks. Currently available in Hindi and English, Google plans to roll out the content in other regional languages too.
According to the website, "We want to keep you safe whenever you're online. That's why everything we make is protected with powerful built-in security technologies that help detect and block threats before they ever reach you."
Scammers often pose as well-known, trusted and authoritative sources. Directly visit sources like the Ministry of Health and Family Welfare (MoHFW) to get the latest factual information about COVID-19.
In case of receiving a fraudulent message, the best way to check its authenticity is by copying and pasting the email address, phone number, or most suspicious portion of the message into a search engine to check if it's been reported by others.
This website also suggests that for extra protection online, add two-factor authentication - also known as two-step verification - to accounts. This provides another layer of security by requiring two steps to gain access to the account: for example, something you know (your password) and something you physically have on hand (like your phone or a security key).
Some scams take advantage of goodwill, requesting donations for COVID 19 relief efforts or impersonating non-profit organizations. Instead of donating to such impersonators by clicking on the web link, one should directly donate to the NGO's or non-profit organizations website.
Google says users should be wary of requests for personal information such as home addresses or bank details. Fake links often imitate established websites by adding extra words or letters to them-check the URL's validity by hovering over it (on desktop) or with a long press (on mobile), taking care not to click any suspicious links.
Besides this, Google systems have also spotted malware-laden sites that pose as sign-in pages for popular social media accounts, health organisations, and even official coronavirus maps.
To help protect against these risks, Google has built advanced security protections into Google products to automatically identify and stop threats before they ever reach users. Google machine learning models in Gmail already detect and block more than 99.9 per cent of spam, phishing, and malware. Besides, Google claims that the security built into the Chrome browser also protects users by alerting them in case of fraudulent websites. Google Play Protect scans millions of apps in Google Play to safeguard users against any such risks.