Google rolls out program to combat coronavirus scams

Google on Wednesday rolled out a new program to combat scams related to the COVID-19 pandemic as attempted cyberattacks and phishing scams have spiked during the crisis. 

The new “Scam Spotter“ program, co-created with the Cybercrime Support Network, recommends a three-step process for individuals to consider before handing over personal information through a phone call or email. 

The program also tests the ability of an individual to spot a scam, gives examples of common ones such as those pretending to be from a government agency or bank and provides resources to report any scams to the Federal Trade Commission.

Google Vice President Vint Cerf wrote in a blog post that combating scams would take a “cross-generational effort” due to the tendency of seniors to fall for them more than younger generations. 

“I’m the biggest advocate for communications technology you’ll ever meet, which is why I care so much that everyone’s online experience be safe and fun,” Cerf wrote. “If we learn how to spot the bad actors, we can spend our time focusing on those moments that matter.”

Scams and cyberattacks have spiked during the coronavirus pandemic. The FBI’s Internet Crime Complaint Center said last month that it had received about 3,600 complaints related to coronavirus scams, and the IRS has warned of scams targeting coronavirus relief checks. 

Many cyberattacks and scams have targeted groups or employees in the health care sector. 

Google’s Threat Analysis Group revealed in a separate blog post published Wednesday that the company had sent more than 1,700 warnings to users that their Google accounts were targeted by government-backed attackers in April alone. 

Much of the new activity stemmed from what Google described as “hack-for-hire” groups based in India, which are creating Gmail accounts posing as the World Health Organization (WHO) to target health care and financial services groups in countries including the U.S., Canada and the United Kingdom.

The team also announced that it had removed “more than a thousand” YouTube channels since March that were linked to Chinese messages around COVID-19 and other issues, with Google researchers finding that these channels were “behaving as part of a large campaign” as part of a coordinated effort. 

“Our hope is that this new bulletin helps others who are also working to track these groups, such as researchers studying this issue, and we hope these updates can help confirm findings from security firms and others in the industry,” Google’s Shane Huntley wrote.

The new findings came a month after Google announced that it had tracked at least a dozen government-backed hacking groups using the COVID-19 pandemic to target the health care sector. Google also revealed last month that it was seeing around 18 million coronavirus-related malware and phishing emails sent per day through its services. 

Google is the not the only group to warn of cyber threats to health care groups stemming from the coronavirus pandemic. U.S. agencies recently warned that Chinese government-backed hackers were targeting these groups, and the WHO and the Department of Health and Human Services have been targeted.