back to article Google: We've blocked 126 million COVID-19 phishing scams in the past week

In the past week, an average of 18 million COVID-19 phishing emails were sent per day via Gmail to unsuspecting marks, according to Google. "No matter the size of your business, IT teams are facing increased pressure to navigate the challenges of COVID-19," said Neil Kumaran, products manager for Gmail, and Sam Lugani, lead …

  1. Dr_N Silver badge

    They added that "bad actors" have leapt upon the "uncertainty surrounding the pandemic".

    I don't agree with his views, but wouldn't say Woody Harleson was a particularly bad one. At least not compared to some others.

  2. SimonF


    That's like your wife coming home and saying "I've saved £400 on this coat in the sales"

    The number that matters is how many have they let through?

    1. Jan 0 Silver badge

      Re: Pointless

      > The number that matters is how many have they let through?

      It would be so nice if Google could return 20 million emails to every spammers' real mailbox.

      1. P. Lee Silver badge

        Re: Pointless

        I get far more spam to my google account than my self-hosted postfix server which has no spam filters beyond spf.

        1. IneptAdept

          Re: Pointless

          Literally this ...

          The email account I get most spam to and the one least used is my Gmail

          1. JCitizen Bronze badge

            Re: Pointless

            That is exactly what I was thinking reading this article - if Google is so good at this game, how come they can't reduce the spam in my GMAIL account? In fact I quit using it, and just keep it as a junk email account now.

            Windows gets a lot of flak, but their Outlook web based email at live(dot)com is the best I've ever used. I might get two to three junk mails every two weeks; but just lately I've received at least three PayPal phishing attempts in one week! I reported all of them to PayPal's spoof address, and marked them as such so Outlook would recognize them next time, and they have stopped for now.

  3. Pascal Monett Silver badge

    I'm getting Amazon spam

    I am regularly getting emails purporting to be from Amazon telling me that I have been unjustly charged twice and a refund is available if I click the link.

    First of all, at this point in time I am not dealing with Amazon. Second, if Amazon had indeed charged me twice, they could reverse the additional charge without me even knowing about it until I checked my bank account.

    It is frankly astonishing how little logic people use when confronted with this sort of thing.

    1. gerdesj Silver badge

      Re: I'm getting Amazon spam

      Have you got any form of anti spam thingie looking at your mail feed? I can recommend Exim for the basics (lol) and a damn fine MTA, backed with rspamd for the heavy spammy check lifting.

  4. MiguelC Silver badge

    It doesn't help that when you click on a Zoom meeting link in an e-mail, it downloads a small .exe file that, when run, connects you to the Zoom meeting. They're effectively training users to download and execute random files

    1. J. Cook Silver badge

      GotoMeeting's in the same boat; the 'helper' app is essentially their meeting launcher that's built on the fly to connect to that specific meeting number.

      Webex, while it also has a helper app, is a 'one and done' type of install- install it once, and you are good to go for all webex meetings.

    2. gerdesj Silver badge

      Jitsi does the same job and so does Big Blue Button. You have options.

  5. Kevin McMurtrie Silver badge

    Nothing changed

    Almost all of the spams I receive are still using Gmail accounts for replying. About half of those have been around for months - Google's search engine has even indexed them from blacklist sites.

  6. Anonymous Coward
    Anonymous Coward

    This article raised so many questions for me. First, is a "scan" message merely a typo for spam. Then there's all the huge numbers of blocked messages with no way to verify them. And how does one verify a url before clicking on a link to it?

    1. JCitizen Bronze badge

      And how does one verify a url before clicking on a link to it?

      Several ways, but the two methods I use are to hover my mouse over the link to see what is the actual address; IIRC all browsers have this service, I look in the lower left corner of the Chrome window to see what the actual URL is, and see if it matches. Another method I use if they do match, is copy the link to a web search engine that supports Web Of Trust (WOT); this way I can see their reputation if they have one. So many new dodgy sites come up every day, that most of them will be unknown, but it is better than nothing. McAfee's Site Advisor used to be better, but the company has become a Potentially Unwanted Program (PUP) lately, and I just couldn't stand it any longer.

      CORRECTION: the name was changed to "WebAdvisor". {McAfee}

  7. Jos V

    Old school spam

    I'm starting to get almost on a daily basis again the classic "we have installed an app that activates your camera and recording you "touching yourself in an indecent manor", send money to BC address [bc1q0x0rdt4znhspvxlm8cahtdntxtrhse2f2slhet] or we send the material to your contact list" mails again.

    It even includes a -very- old password in the subject header, that probably came from the LinkedIN data breach a while back. The last 4 it was always that same BC address, but different email sender.

    It's reported a couple of times on

    Several of my friends are getting the same thing happening now, with again, the same BC address.

    When looking at the source of the email (I know, don't tell me), the originator IPs all come from Microsoft (Outlook) domain, so good job MS (not). Also targeting my outlook email.

    1. David 132 Silver badge

      Re: Old school spam

      LOL at ”touching yourself in an indecent manor.... the filthy habits of the aristocracy, eh? Tch!

      1. Jos V

        Re: Old school spam

        Ha, good catch :-)

        I wish I were in a manor.

        Cheers, Jos

  8. one crazy media

    and they all went to Facebook

    and 190 million went to Facebook!

    Thank you, thank you Zukerberg, they all chanted!

  9. PatrickSmith

    I added this spam filter recently and it's doing a good job.

    However I'm wary of the full security provision as I know there are new strains of attack being created on a daily basis and I'm not sure if this will continue to do such a good job.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021