Security experts at Alphabet Inc's Google sent 1,755 warnings in April to users whose accounts were targets of government-backed attackers, following a resurgence in hacking and phishing attempts related to the coronavirus outbreak.
Google said on Wednesday its Threat Analysis Group saw new activity from "hack-for-hire" firms, many based in India, that have been creating Gmail accounts spoofing the World Health Organization (WHO).
These accounts largely targeted business leaders in financial services, consulting and healthcare corporations in numerous countries including the United States, Slovenia, Canada, India, Bahrain, Cyprus and UK, the company said in a blog post.
"The lures themselves encourage individuals to sign up for direct
notifications from the WHO to stay informed of COVID-19 related
announcements, and link to attacker-hosted websites that bear a strong
resemblance to the official WHO website. The sites typically feature
fake login pages that prompt potential victims to give up their Google
account credentials, and occasionally encourage individuals to give up
other personal information, such as their phone numbers."
"To help protect users against these kinds of tracks, our Advanced Protection Program
(APP) utilizes hardware security keys and provides the strongest
protections available against phishing and account hijackings. APP was
designed specifically for high-risk accounts."
Google said it continued to see attacks from hackers on medical and healthcare professionals, including WHO employees.
WHO and other organizations, at the center of a global effort to contain the coronavirus, have come under a sustained digital bombardment by hackers seeking information about the outbreak.
"Since March, we've removed more than a thousand YouTube channels that we believe to be part of a large campaign and that were behaving in a coordinated manner", the blog post added.