Latest in Gear

Image credit: NicoElNino via Getty Images

Google says government-backed groups are using COVID-19 to spread scams

One campaign used fast food chains to target US government officials.
135 Shares
Share
Tweet
Share

Sponsored Links

Cybersecurity and global communication, secure data network technology, cyberattack protection for worldwide connections, finance, IoT and cryptocurrencies, planet Earth in space, elements from NASA (https://eoimages.gsfc.nasa.gov/images/imagerecords/90000/90008/europe_vir_2016_lrg.png)
NicoElNino via Getty Images

Dozens of government-backed groups are using COVID-19 themes as lures for phishing and malware scams, Google’s Threat Analysis Group (TAG) warned today. One campaign sent fake messages from fast food chains to US government employees. That phishing attempt offered free meals and coupons in response to COVID-19 and sent links to bogus online ordering and delivery options in an attempt to get Google account credentials.

TAG says it’s not aware of any accounts being compromised by that campaign. The vast majority of the messages were sent to spam or blocked by domains using Safe Browsing. 

The fact that government-backed groups are using COVID-19 to spread malware and snag credentials is disturbing, but it’s not surprising. This morning The New York Times reported that US officials believe China-backed operatives helped spread COVID-19 misinformation in an attempt to sow discord across the country. And we’ve already seen COVID-19 scams, like the one that may have stolen millions from the German government.

“Generally, we’re not seeing an overall rise in phishing attacks by government-backed groups; this is just a change in tactics,” Google’s TAG team wrote. 

TAG has also seen an increase in cybercrime attempts on international and national health organizations, like emails that link to a domain spoofing the World Health Organization’s login page. In response, TAG is adding a higher threshold for Google Account sign in and recovery to more than 50,000 high-risk accounts.

And to support the larger security research community, Google is offering more than $200,000 in grants as part of a new Vulnerability Research Grant for COVID-19 fund. It says it expects to see new lures and schemes and will continue working to fight them.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
135 Shares
Share
Tweet
Share

Popular on Engadget

Animal Crossing fans get real about the fictional NookPhone

Animal Crossing fans get real about the fictional NookPhone

View
Reddit and LinkedIn will fix clipboard snooping in their iOS apps

Reddit and LinkedIn will fix clipboard snooping in their iOS apps

View
Facebook envisions using holographics for super-slim VR glasses

Facebook envisions using holographics for super-slim VR glasses

View
Watch Rocket Lab launch a Canon satellite into space at 5:19PM ET

Watch Rocket Lab launch a Canon satellite into space at 5:19PM ET

View
Porsche unveils more affordable rear-wheel drive Taycan, but only for China

Porsche unveils more affordable rear-wheel drive Taycan, but only for China

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr