Google: Resurgence In Pandemic Hacking, Phishing | #natoinalcybersecurity | #cybersecurity | #informationsecurity

Google’s security experts had their hands full in April, as its Threat Analysis Group (TAG) emailed 1,755 warnings to users whose accounts were targets, the California-based global technology company wrote on its blog Thursday (May 27).

These threats reflect a resurgence in hacking and phishing attempts by cyber criminals as the commercial and government-backed attackers try to seize opportunities for scams amid the COVID-19 pandemic, Google wrote.

Somw thieves appear to be seeking to steal intelligence or intellectual property while others target dissidents or activists, or attempt to engage in coordinated influence operations and disinformation campaigns, Google wrote.

“We continue to see attacks from groups like Charming Kitten on medical and healthcare professionals, including World Health Organization (WHO) employees,” according to the blog.

Google said TAG has identified the latest threats from more than a dozen government-backed “hack-for-hire” firms attempting to use the pandemic to phish and add malware to computers. The at-risk accounts include leaders in financial services, consultants, and healthcare corporations in the U.S., Slovenia, Canada, India, Bahrain, Cyprus, and the U.K. These hackers encourage individuals to sign up for direct notifications from the WHO to stay informed of COVID-19 related announcements, and link to attacker-hosted websites that look strikingly like the official WHO website. They feature faux login pages that prompt potential victims to provide their Google account credentials, and encourage them to give up other personal information, Google wrote.

“Since March, we’ve removed more than a thousand YouTube channels that we believe to be part of a large campaign and that were behaving in a coordinated manner,” the blog post said. “These channels were mostly uploading spammy, non-political content, but a small subset posted primarily Chinese-language political content similar to the findings of a recent Graphika report.”

The 28-page survey revealed a pro-Chinese cross-platform political spam network that Graphika has dubbed “Spamouflage Dragon​” has emerged, ​establishing new accounts and reactivating dormant ones to post about Hong Kong politics, Chinese regime critics and the Chinese response to COVID-19.

Google said it has deployed its Advanced Protection Program (APP) to help protect high-risk accounts against these such attempts with its hardware security keys. Google said it provides the strongest protections available against phishing and account hijackings. APP was designed specifically for high-risk accounts.

In addition, Google wrote that itsIt products contain built-in security features, such as Gmail protections against phishing and browsing in Chrome. They vowed to use “significant resources” to develop new tools and technology to help identify, track and stop this kind of activity.

Google said it also works with law enforcement, industry partners, and third parties like specialized security firms to assess and share intelligence.



The pressure on banks to modernize their payments capabilities to support initiatives such as ISO 20022 and instant/real time payments has been exacerbated by the emergence of COVID-19 and the compelling need to quickly scale operations due to the rapid growth of contactless payments, and subsequent increase in digitization. Given this new normal, the need for agility and optimization across the payments processing value chain is imperative.


Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.

.  .  .  .  .  .  . .  .  .  .  .  .  .  .  .  .   .   .   .    .    .   .   .   .   .   .  .   .   .   .  .  .   .  .

Source link
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App







National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.