In the 21st century, one can’t even have a pandemic in peace.
Since January, the outbreak of COVID-19 led to news of phishing and scamming going on in the tech underworld. Although most of them were blamed on criminals and fraudsters, Google has found out that even governments have been involved in it. By employing State-Sponsored hackers, these governments have been actively trying to use COVID-19 as a perfect cover-up for their reconnaissance and espionage activities.
TAG or Google’s Threat Analysis Group have already published their reports on how they have caught 2 of the main State-Sponsored groups who have been phishing government employees over mails. Their mails always have a cover-up of some pandemic offer for fast food, which when clicked leads to the employee giving up their google credentials. While Google has blocked most of these sites or labeled them as malicious malware, there is still a long way to go.
“Hackers frequently look at crises as an opportunity, and COVID-19 is no different,” TAG director Shane Huntley wrote in a blog post about the findings. “Across Google products, we’re seeing bad actors use COVID-related themes to create urgency so that people respond to phishing attacks and scams.… TAG has specifically identified over a dozen government-backed attacker groups using COVID-19 themes as a lure for phishing and malware attempts—trying to get their targets to click malicious links and download files.”