According to a recent report by Google’s Threat Analysis Group (TAG), plentitude of government-backed attacker groups has leveraged the global COVID-19 pandemic to set up phishing and malware attacks against targets.

TAG – a specialized team of security experts of Googleworks to “identify, report, and stop government-backed phishing and hacking”against Google and Google users.“TAG has specifically found out over a dozen government-backed attacker groups using Covid-19 themes to attract phishing and malware attempts,” Google said in the report.

The American multinational technology company highlighted a particular campaign where hackers had targeted the personal Google accounts of U.S. government employees. Cyber attackers had tried getting these users to click on malicious links using phishing lures posing as American fast-food franchises and Covid-19 messaging.

As per the report, some of the e-mails offered free meals and coupons due to COVID-19 pandemic.And the other e-mailshad online ordering and delivery options. Once the user clicks on these links, they arere-directed to phishing pages that collects their Google credentials automatically.

A majority of these messages were sent to spam even without users viewing them.Moreover, the tech-giant blocked the domains using Safe Browsing preemptively. The company isunaware of any user having their account compromised by this campaign, but they are also notifying all targeted users with “government-backed attacker” warning.

Google has also detected multiple phishing and scamming attempts by hackers impersonating as health organizations.

The tech giant’s security team found new, COVID-19-specific targeting of international health organizations which is consistent with the threat actor group dubbed Charming Kitten.

The report also stated that these findings depict that health organizations, public health agencies, and the individuals working there are becoming new targets as a result of COVID-19. “We’re proactively adding extra security protections, such as higher thresholds for Google Account sign in and recovery, to more than 50000 of such high-risk accounts,” the report said.

Furthermore, the search giant had also detected 18 million malware and phishing Gmail messages per day related to COVID-19 for personal Gmail users in addition to more than 240 million COVID-related daily spam messages.

Google has donated over $200,000 in grants as part of a new Vulnerability Research Grant Covid-19 fund for Google VRP researches who help identify various vulnerabilities in a bid to enhance cybersecurity during the pandemic.