Google says more than a dozen state-backed hacking groups are using fake COVID-19 emails to steal sensitive data from international health agencies and US government employees
- Google says COVID-19 is being used strategically by state-backed hackers
- The campaigns are targeting US government workers and health agencies
- Phishing scams sometimes pose as fast food chains offering discounts
- Many of the email scams are automatically sent to spam, Google says
Security experts at Google have identified more than a dozen government-backed hacking groups using the COVID-19 pandemic as cover for phishing and malware attempts.
According to Google’s Threat Analysis Group, state-backed hackers have been targeting international health organizations, including the World Health Organization (WHO) in an attempt to steal information and sometimes install malicious software.
WHO and other organizations, which are at the center of a global effort to contain the coronavirus, have come under a sustained digital bombardment by hackers seeking information about the outbreak.
Google says state-backed hackers are targeting US government workers and international health agencies with COVID-19 phishing scams
‘One notable campaign attempted to target personal accounts of U.S. government employees with phishing lures using American fast food franchises and COVID-19 messaging,’ Google said in a blog post.
Some of those messages impersonated popular food chains and offered free meals and coupons in response to COVID-19 while others suggested recipients visit sites disguised as online ordering and delivery options, according to the blog post.
However, once people clicked on the emails, they were presented with phishing pages designed to trick them into providing their Google account credentials.
Credentials entered into the field would be sent to hackers remotely.
While Google says it hasn’t seen an uptick in the number of phishing attacks from state-backed hackers, the trends outline a change in tactics.
‘Generally, we’re not seeing an overall rise in phishing attacks by government-backed groups; this is just a change in tactics. In fact, we saw a slight decrease in overall volumes in March compared to January and February,’ wrote Google.
Phishing scams haven’t increased but according to Google many of them are now using COVID-19 in attempt to steal information
Google said it was working to identify and prevent threats, using a combination of internal investigative tools, information sharing with industry partners and law enforcement, as well as leads and intelligence from third-party researchers.
In general, the COVID-19 pandemic has created an opportunity for hackers looking to steal information from victims in orchestrated scams.
While some phishing scams involve hackers posing as official organizations like WHO or the Internal Revenue System, others have purported to sell critical medical supplies like masks and hand sanitizer.