According to Google, the number of state-sponsored phishing and hacking attacks worldwide is on the rise. The company’s Threat Analysis Group continues to track over 270 targeted or government-backed attacker groups from over 50 countries every day. Google TAG identifies and tries to prevent organized phishing campaigns, zero-day vulnerabilities, and hacking attempts against its products, services, and users.
Google issues 1,755 warnings to users
Google has shared some of its recent stats pertaining to the number of government-backed phishing campaigns identified over the last few weeks. Google said it issued 1,755 warnings to users whose accounts were targets of government-backed attackers in April alone.
“We continue to see attacks from groups like Charming Kitten on medical and healthcare professionals, including World Health Organization (WHO) employees,” said Shane Huntley, Director of Google’s Threat Analysis Group.
Last month, Google saw more than 18 million daily malware and phishing attempts over the course of two consecutive weeks. Google has also witnessed over 240 million coronavirus-related spam messages.
India-based “hack-for-hire” firms on Google’s radar
Google has observed new activity from several India-based “hack-for-hire” firms. These firms have been creating Gmail accounts spoofing the WHO.
Google says these fake Gmail accounts impersonating WHO have primarily targeted business leaders in financial services, consulting, and healthcare corporations in countries like the U.S., Slovenia, Canada, India, Bahrain, Cyprus, and the UK.
These fraudulent phishing campaigns try to trick users into signing up for fake notifications from the WHO to stay updated with COVID-19 related announcements.
These campaigns further send their victims to attacker-hosted websites that bear a striking resemblance to the official WHO website.
These fake phishing websites ask users to verify their login credentials by entering their Google account credentials. Once users enter their Google account credentials, it could potentially compromise multiple accounts since most users tend to use the same passwords for multiple apps, services.
Over the last few months, researchers have noticed a sudden spike in the deployment of phishing website templates that impersonate NGOs like WHO, Internal Revenue Service (IRS), among others.
Recently, we saw how new phishing campaigns impersonating the World Health Organization (WHO) are on the rise, in the wake of the COVID-19 outbreak.