Security Experts:

Connect with us

Hi, what are you looking for?



Google Sees Increase in COVID-19 Phishing in Brazil, India, UK

Cyber-threats taking advantage of the COVID-19 pandemic are evolving, and Google is seeing an increase in related phishing attempts in countries such as Brazil, India, and the UK.

Cyber-threats taking advantage of the COVID-19 pandemic are evolving, and Google is seeing an increase in related phishing attempts in countries such as Brazil, India, and the UK.

As the coronavirus crisis spreads worldwide, cyber-criminals and state-sponsored actors have adapted their attacks to leverage pandemic-related lures. In April, Gmail was seeing 18 million COVID-related daily malicious emails.

The attacks have been evolving and the past month has revealed the emergence of regional hotspots and threats: COVID-19-related malware, phishing, and spam emails have been rising in India, Brazil, and the UK, using regionally relevant lures, financial incentives, and fear, the search giant explains.

Google says it has observed an increase in the number of scams targeting Aarogya Setu, an initiative where the government is trying to connect people across India with essential health services. At the same time, the number of attacks masquerading as COVID-19 symptom tracking has increased, fueled by the return of employees to workplaces.

The Internet giant also observed an increase in phishing scams targeting insurance companies in India, as more and more people in the country are looking to buy health insurance. The scams often quote established institutions, attempting to trick victims into clicking on malicious links.

In the UK, amid the government’s reveal of measures to help businesses get through the COVID-19 crisis, attackers are attempting to gain access to users’ personal information by masquerading as government institutions. In some cases, they also attempt to imitate Google.

In Brazil, phishers are increasingly targeting streaming services, which are becoming more and more popular in the country. Some of the emails rely on fear, claiming that the reader would be fined if they do not respond.

Google notes that Gmail continues to block over 99.9% of spam, phishing, and malware, and that it has proactive monitoring in place for COVID-19-related malware and phishing. Many of the threats, however, are not new, but old campaigns repurposed to exploit the COVID-19 crisis.

Earlier this year, the company introduced a deep-learning-based malware scanner that scans more than 300 billion documents every week, and which has already improved the detection of malicious scripts by over 10%.

“These protections, newly developed and already existing, have allowed us to react quickly and effectively to COVID-19-related threats, and will allow us to adapt quickly to new ones. Additionally, as we uncover threats, we assimilate them into our Safe Browsing infrastructure so that anyone using the Safe Browsing APIs can automatically stop them,” Google notes.

Related: Google Sees Millions of COVID-19-Related Malicious Emails Daily

Related: Google Boosts Detection of Malicious Documents in Gmail

Related: Google Says Iran-Linked Hackers Targeted WHO

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.