It’s only 2.5% of 100 million phishing emails Google blocks in a single day — and still the threat grows.
Google says it blocked 18 million COVID-19 themed phishing emails in one week this month alone. The tech giant is training its machine learning (ML) to detect and block COVID-19 themed attacks. The effort appears to be paying off. Still, the staggering number of COVID-19 themed phishing emails amounts to only about 2.5% of the 100 million phishing emails Google blocks in a single day on average.
“The COVID-19 angle is not surprising. Attackers use what works and this crisis opens up a huge new lane for them to prey on people’s fear,” said Chris Rothe, co-founder and chief product officer at Red Canary.
But this new batch of COVID-19 baited phishing and spam campaigns require security teams to make quick adjustments in their strategies and tactics.
It’s no secret that Google machine learning models are some of the best in the world but even they need more training to stay abreast of current threats. So, too do ML-powered cybersecurity products from other vendors.
“The fact that 18 million COVID-19-related emails are blocked each day just by Google is a sign of just how prolific these attacks are. In these times of high stress and change, cybercriminals know that humans are more vulnerable than ever to phishing and smishing attacks and are doing their best to capitalize on this,” said Erich Kron, Security Awareness Advocate at KnowBe4.
But the weakest link is what it has always been when it comes to stopping spearphishing threats: humans.
“Because people are working from home and often miss out on the security benefits of corporate networks and organization managed devices, the bad guys know that many of the technical controls that can save people are now missing,” said Kron.
That means security partners need to step up their human training as much as vendors need to ramp up machine training.
“The best thing organizations can do right now is to ensure that their employees have up-to-date training on how to spot and report phishing emails to their organization. By reporting these, organizations can have them removed from other mailboxes, limiting the exposure to these attacks within the organization,” Kron added.
Meanwhile, email providers have both fans and critics as the first wave of spearphishing protections.
“Relying on email filters, crypto and firewalls to protect remote workers from opening the door to cybercrime is naïve. Patching people is the only way that we are going to win the war on cybercrime,” said Colin Bastable, CEO of security awareness training company Lucy Security.
While Google is one of the leaders in ML and an array of security measures, it too has detractors.
“Hackers use Gmail accounts with spoof names in BEC fraud, and to associate Gmail accounts with phishing links, in phishing campaigns. Google gets to virtue-signal while playing both sides of the fence,” said Bastable.
“Google is also using the ‘https:’ certificate requirement as part of their browser war with Apple and Microsoft, kidding people into thinking encrypted browser sessions keep people secure when using Chrome. Over 80% of phishing sites use certificates. People must always ask themselves what is in it for Google,” Bastable added.
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.