Phishing Scams: Google has reported that it is blocking 18 million phishing emails about Covid-19 daily. The pandemic has hugely increased phishing attacks where criminals are trying to trick victims to reveal data. Gmail is used by 1.5 billion people.
The National Cyber Security Centre reports:
Given the current coronavirus (COVID-19) situation, cyber criminals are sending emails that claim to have a ‘cure’ for the virus, offer a financial reward, or encourage you to donate. Like many phishing scams, these emails are preying on real-world concerns to try and trick you into clicking.
These scam messages (or ‘phishes’) can be very hard to spot, and are designed to get you to react without thinking. If you think you’ve clicked on a bad link, don’t panic – there’s lots you can do to limit any harm. Link
According to Google, it blocks 100 million phishing emails per day and over the past week nearly one fifth of these were related to the coronavirus. It may be the largest used phishing topic the firm has seen.
These emails are impersonating authorities, including the World Health Organisation, and public institutions. Generally, the basis is to persuade individuals to donate to a fake cause or to download software.
It is not just Google who has noticed this change in content and Phishing Scams
Barracuda Networks has also reported a 667% increase in phishing emails during the pandemic. Additionally, there was one Android app which claimed to help track the spread of the virus but infected the phone with ransomware.
What you can do if you think you have been hit by a phishing attack?
These are some initial steps you can take as well as reading the guidance of the NCSC.
- Do not panic. This happens to most people at one point or another. Phishing scams are becoming more creative. Maintaining a clear head will make your response quicker and more effective.
- Try and note down all the information you can about the phishing email. Remember what information you provided. Additionally, if you opened an attachment you can turn off the WIFI in the property to try to prevent their access to the computer.
- If the link you clicked was to an organisation you have an account with, log in to the real site and change the password. If you use the same password for a different site, change this as well.
- If it was an organisation you had an account with, contact them about the phishing email you received.
- Use an anti-virus software to scan your computer for a virus
- Keep an eye on warning signs e.g. money leaving your bank account or suspicious behaviour regarding your identity
Additionally, Serviceteam IT has a blog concerning setting up two-factor authentication. If you are interested in learning more about this security system click here.
This is a problem which could affect anybody, and education about prevention can be vital.