Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Google

Google is Blocking 18 Million Coronavirus Scam Emails Every Day (bbc.com) 28

Posted by EditorDavid from the filtering-mail dept.
1.5 billion people use Gmail, according to a recent article in the BBC. And every day millions of them receive an email about a coronavirus scam: Scammers are sending 18 million hoax emails about Covid-19 to Gmail users every day, according to Google... The company said it was blocking more than 100 million phishing emails a day. Over the past week, almost a fifth were scam emails related to coronavirus. The virus may now be the biggest phishing topic ever, tech firms say...

The growth in coronavirus-themed phishing is being recorded by several cyber-security companies. Barracuda Networks said it had seen a 667% increase in malicious phishing emails during the pandemic...

Google claims that its machine-learning tools are able to block more than 99.9% of [scam] emails from reaching its users.
This discussion has been archived. No new comments can be posted.

Google is Blocking 18 Million Coronavirus Scam Emails Every Day More

Google is Blocking 18 Million Coronavirus Scam Emails Every Day

Comments Filter:

  • Gmail shouldn't be bragging. (Score:3)

    by Ecuador ( 740021 ) on Monday April 20, 2020 @07:50AM (#59968088) Homepage

    The company I work for has properly set up SPF/DKIM/DMARC and yet in our gmail-powered company email some high up employees often get phishing emails asking for bank transfers (with excuses like payroll etc) delivered directly to their inbox (not even spam) with "from" fields like: accounts@ourcompany.com with a "via sendgrid.net" or similar line underneath.
    So, all Gmail does with all the authentication SPF/DKIM/DMARC stuff is add a small "via" line under the "from" field. The obvious phishing email is not marked as dangerous and delivered to the inbox directly, where I would guess some not very careful/savvy employees might fall for it - given what we read in the news about such scams.
    I wouldn't brag if I were Google, if they are blocking 100 million emails a day, it means they are allowing billions a day to come through.

    • Being that Gmail is a service meant for general public usage. While your companies email is mostly setup for Business to Business email.

      For your company, a false positive isn't a big deal, and normally you can go to the person who failed to send that email to you. Tell them to upgrade their email server to do this and that, or you can add them to a white list.

      You can't do that with general usage emails. As there are legit emails being sent to people from bad servers, and sometimes with seemingly shady cont

      • Re: (Score:2)

        by Ecuador ( 740021 )

        I do not understand what you are saying. If a domain has SPF/DKIM set up, it means that the domain owner expects legitimate emails from this domain to come from specific IP addresses and to have a signature. If an email purporting to come from that domain comes from a different IP and with now signature it is definitely suspicious. Gmail, in our case at least, and from a paid company account, does not even flag such an email in an obvious way (except that "via" line - which is not very visible).
        Your suggest

      • Comment removed based on user account deletion

        • SPF works on the "envelope from", which is NOT the from address that is visible to the sender.

          DMARC says what to do if the header from doesn't match, and reject isn't the only choice. In fact it's not the choice one should start with in many cases. One should first set it to flag such messages, then only after confirming none are flagged should it be changed to reject.

          It's not unheard of for an admin to set up DKIM in test mode and forget to switch it to reject mode.

    • Re: (Score:1)

      by tokul ( 682258 )

      > So, all Gmail does with all the authentication SPF/DKIM/DMARC stuff is add a small "via" line under the "from" field.

      Google/Gmail are blocking SPF fails and softfails and throttling SPF neutrals. They are overzealous in their SPF part in "sender authentication". If they are ignoring DKIM or running DMARC/SPF checks against envelope sender instead of From, then it would be other side of story and you should be checking how people manage to bypass your DMARC policy.

    • Re: (Score:2)

      by richi ( 74551 )
      In my experience, GMail and G Suite light up a big, red warning sign if the inbound message fails authentication. Are you sure you've not left DMARC in test mode? What does the admin log say?

      • Re: (Score:2)

        by Ecuador ( 740021 )

        Do you get access to sysadmin logs on G Suite?
        I am not a sysadmin - not my area, so I had no part in setting up DMARC, I did however use a service that claims to test it by sending an email, just to make sure our sysadmins are not BSing me. It seemed happy enough, what can I say...

  • Nigerian prince here. (Score:4, Funny)

    by h33t l4x0r ( 4107715 ) on Monday April 20, 2020 @08:29AM (#59968152)
    I find these coronavirus scammers to be despicable. Please send me your bank account information so I can send you $100 million to combat these terrible people.
    • Google is not doing a great job of it, either.

      Not only have I been getting more spam emails from Google every day, it kept marking nearly any emails I get from conservative sources as "spam".

      Examples are NRA, official Trump PACs, and emails from conservative Congresscritters like Rand Paul and others.

      Repeatedly flagged as spam by Google.

      Never liberal sources (though I receive emails from them, too). Only politically conservative sources were marked as spam.

      I consider that to be despicable. Th
  • I was wondering why no one has fallen for my scams, er, I mean, taken advantage of my legitimate offers.

  • mumble mumble hoax mumble mumble chinks mumble mumble black helicopter mumble mumble agenda 51 mumble mumble 5g mumble mumble

  • like getting rid of the clickbait/spamvertising in their own in-house google app found in every android phone & tablet,

  • The problem with the computing industry is the learning curve involved. It doesn't follow a simple curve or a line. There is a slight curve to get you into a good with the computer category, enough to get you to a point where you can write programs, that are useful. Then the curve flattens for a while where you are good enough to be dangerous. Most people can get to this level from normal internet searches, and youtube videos (Back in my day, I large book on a programming language did the trick). This l

  • I got 4 covid emails since yesterday in my gmail.

  • Blocking Non-COVID (Score:3)

    by kackle ( 910159 ) on Monday April 20, 2020 @09:21AM (#59968276)
    Lately, it's been blocking my legit emails, too. I wouldn't mind if I ended up in my friends' spam folder or something, but the emails are just not getting there, no warnings, no nothing. That forces ME to get a new email account, though I've had the same one for decades.

    I understand what people mean when they say Google is getting too big.

  • Must be a slow week in scammerville.

  • Where are the "freedom of speech" defenders in this thread ? Isn't Google blocking spam a form of "censorship" ?

    Don't the usual arguments apply in this situation also ? Big corporation unilateraly and selectively removing information transiting through its platform. What arguments are they basing their decision on ? Who judges what is "spam" and what is not ? How do they know what is a "hoax" and what is legitimate information ? And doesn't the same apply to all email ? How do they know that my treatement a

    • "Isn't Google blocking spam a form of "censorship" ?"

      No.

      I have hired Google to filter unsolicited email. They are doing a respectable job fulfilling their contractual obligations in this regard sufficiently so that I no longer need to run my own server.

      Any other questions about the first amendment and censorship? I suggest you read it.

      • By "I have hired Google", don't you mean "I have created a gmail address and accepted Google's TOS by clicking 'I Accept' " ?

        How is that different than creating a facebook or twitter account by clicking 'I Accept' to their TOS, which, by the way, if you read it, means that you accept that they are free to remove (or for that matter, do whatever the fuck they want to do with) any post they choose, for any reason whatsoever ?

        In all cases, you chose to use a free service by accepting the TOS of that service. S

        • No. I paid for a business account. There is a contractual agreement. I do have a freebie account as well from back in the day but haven't used it in forever. I get a reminder to login to it every year or so. The paid account has a few more features and admin functions and lets me manage multiple domains and users -reasonably- easily. If I had to manage a large org this way it would suck but it's ok for what I'm paying.

    • They do.

      And google is fucking cancer.

      I'm an adult I can decide what I want and don't.

      And I sure don't want google.

  • For the past few years, spammers have been mostly sending from domains properly registered with boutique TLDs (super easy to filter for in my mailer config), and what few were left usually got caught by the spamhaus RBL. A couple of months ago, an "old school" spammer started up and I get like 5-20 a day. The thing is, once the virus hit, they all became some obvious scammy shit related to the pandemic. Most of them have been about thermometers.

Slashdot Top Deals

"Only the hypocrite is really rotten to the core." -- Hannah Arendt.

Close