If it looks phishy, don’t click. COVID-19 is spawning lots of online scams.
Apr 29, 2020

If it looks phishy, don’t click. COVID-19 is spawning lots of online scams.

More people are working remotely right now and the coronavirus crisis has left us more distracted. How vulnerable are we online?

Malicious hacking activity is way up over the past couple of months. In fact, a report this month from Google found that 12 groups with ties to foreign governments are using content related to COVID-19 to create phishing emails that attempt to trick people into turning over personal information or clicking a link that can install malware.

Hackers commonly use major events, news headlines and disasters to try to trick people into making bad decisions so they can compromise their computers. Unfortunately right now, the pandemic provides them with a whole lot of bait.

I spoke with Lily Hay Newman, a senior writer at Wired, who wrote about the Google report. The following is an edited transcript of our conversation.

Lily Hay Newman. (Photo courtesy of Newman)

Lily Hay Newman: Google found that state-sponsored hackers from countries around the world are using the cover of the pandemic to mount their attacks. It’s important to note, because while there have been a lot of different types of attacks coming from everywhere as a result of this — from criminals, from scammers — there was an idea that nation-state hackers, government-backed hackers, might be taking advantage of this as well, and Google’s report shows that that’s the case. 

Molly Wood: What does that look like specifically? Is it mostly phishing attacks that might be aimed at people who work in corporations or sensitive infrastructure? 

Hay Newman: Right, exactly. In one case, Google saw a campaign targeting U.S. government workers, but on their personal email accounts, with phishing emails that were trying to steal those Google login credentials. They were emails that pretended to be from fast-food companies with coupons. They’re targeting government workers, but it’s your personal account, it’s about food, it feels totally removed from the types of things people might be looking out for. You can see how it’s a clever way to try to take advantage of this.

Wood: Have we seen any results from this? Certainly there were Zoom emails and passwords for sale, but I feel like I also saw that maybe [the World Health Organization] or the Bill Gates Foundation had been targeted.

Hay Newman: There have been a number of high-profile attacks coming to light. So far, people are mostly saying [that] either it doesn’t seem that the attacks were successful or that it’s not confirmed. They’re not sure, basically. Researchers really caution that it’s likely that it’s happening, that nation-state attackers, again, from countries around the world, that they are successfully grabbing credentials and trying to just lay low. Just because we haven’t heard about the bombshell yet doesn’t mean it’s not happening.

Wood: What is the worst-case-scenario here? Do you think cybersecurity officials are worried about a 9/11-style cyberattack in the midst of what is already a pretty destabilizing event?

Hay Newman: It certainly is possible that someone could mount a disruptive, offensive cybersecurity attack like that. The bigger issue with this specifically is the idea that it’s just a fertile time for a huge amount of intelligence gathering. I think those are the worst-case-scenario concerns right now.

Wood: Tell us what it is about this moment that makes us more vulnerable to these phishing attempts. Is it the combination of clever appeals and phishing emails and just our general distractedness?

Hay Newman: I definitely think that’s a lot of it. The pandemic just provides so much great fodder — and when I say great, I mean problematic — because it just goes on and on. You have people’s home living situations being different — going to the store to get groceries or trying to find toilet paper — all these acts of daily living are now different. But also, their job is different, or maybe they’re out of work or they’re trying to seek government assistance. So many aspects of our daily lives are altered or impacted by the situation that it creates a lot of fodder for all the different types of masquerading emails you could write pretending to be related to any of those things. It would be more likely to come across as genuine, because people are scared, concerned, seeking information, all feelings of a sense of urgency that make it more likely that phishing attacks will be successful. Combined with that, a lot of people are working from home, they’re using [virtual private networks], their companies are seeing all this remote traffic on their networks, and that’s now expected because all their workers are remote. But what if someone else is remote who isn’t supposed to be there? It’s a lot easier to hide in that traffic, because it all looks the same. A lot of types of concerns coming out of these conditions.

Google reported phishing emails disguised as fast-food coupons that targeted U.S. government workers. (Justin Sullivan/Getty Images)

Related links: More insight from Molly Wood

There’s also an Al Jazeera piece about corporate hacking, in particular, with some pretty disturbing numbers in it. One security executive said there’s a cybersecurity pandemic happening at the same time as the COVID-19 pandemic, especially since remote workers are more vulnerable to intrusion. One software and security company said ransomware attacks had jumped 148% in March, and an FBI cybersecurity official said reports about hacking were coming in at a rate of three to four times normal. 

Also watching

I told you there’d be tech earnings this week. Alphabet kicked it off Tuesday, reporting a 13% increase in revenue overall, including a 52% increase in its cloud business year over year, and 33% growth year over year for YouTube — a $4 billion business in its own right. But Alphabet says it considers that slow growth, and said the second quarter, which will reflect the real impact of the coronavirus crisis, is likely to not be good. 

Microsoft and Facebook announce earnings Wednesday. Facebook has recently put out a slew of new products to compete in the coronavirus age, including a competitor to Zoom and always-on chat rooms that are like Houseparty. 

Finally, Facebook-owned Instagram and TikTok both announced new tools on Tuesday to support fundraising and donations to charities on their platforms. Instagram will let creators take donations during live streams and show who donated so they can get shoutouts, and TikTok announced Donation Stickers for live streams and recorded videos. People tap the sticker and are taken to a page where they can donate to a collection of preselected charities. If this is our entertainment now, let us do good while we stream.

The future of this podcast starts with you.

Every day, Molly Wood and the “Tech” team demystify the digital economy with stories that explore more than just “Big Tech.” We’re committed to covering topics that matter to you and the world around us, diving deep into how technology intersects with climate change, inequity, and disinformation.

As part of a nonprofit newsroom, we’re counting on listeners like you to keep this public service paywall-free and available to all.

Support “Marketplace Tech” in any amount today and become a partner in our mission.

The team

Molly Wood Host
Michael Lipkin Senior Producer
Stephanie Hughes Producer
Jesus Alvarado Assistant Producer