There’s a flood of fake Covid-19 emails circulating online. Google has cautioned users against them and asked everyone to take guard. The Gmail service has had to stay on its toes, blocking as many as 18 million malware and phishing emails each day. Google says that apart from the 18 million malware threats, they have also been blocking more than 240 million Covid-19 related spam messages.

Fake Covid-19 emails

These messages seek to exploit the apprehensions we have regarding the pandemic. Google has observed that cybercriminals have been creating fake emails that claim to be from the World Health Organization and are asking for donations. These emails are designed to trick you into downloading a malicious file that helps the cybercriminals take over your computer.

Even some fake emails claim to have been sent by your company’s IT staff. These, again, trick you into clicking on a malicious link that takes you to details concerning the effects of Covid-19 on payroll while stealing sensitive data. Another strategy being used by cybercriminals centers on the economic stimulus packages being offered by the American Government to smaller businesses. The technique involves attaching a malicious .htm file to the email regarding a Covid-19 payment.

Google Is Trying to Protect You

What’s positive in all this gloom is that Google has managed to block as much as 99.9% of these phishing and spam emails. However, there are still thousands of these malicious mails still reaching your inbox, a part of the 0.1% of the 18 million phishing emails that Google is failing to block.

Again, hackers have been found to make small changes to their emails so that Google can be fooled, and the emails do reach your inbox. Google has found that around 63% of the malicious emails sent to all Gmail users have considerable technical differences from bad attachments sent earlier.

Now that you’re aware of the phishing threat, we will share some more details along with the two most common phishing techniques. We will also discuss the methods to safeguard against phishing.

Phishing 101

Phishing is a cybercrime of sending fraudulent emails or messages that pretend to be from reputable sources. Emails are the most common medium used for phishing attacks. The goal of such an attack is to steal your sensitive data like your credit card details and installing malware on your machine.

We share with you two of the most common techniques used by cybercriminals to launch a phishing attack.

Link manipulation is directing a user to click on a fraudulent link that takes them to a fake website. Cybercriminals may resort to using sub-domains to trick you. For example, the correct link to access Yahoo Mail is

A phisher may try tricking you with a fraudulent link going clicking on, which takes you to a fake domain. Again, call to action links, as “click here” or “subscribe,” might be the URLs to phishing websites. URL hijacking is another trick where the URL to a legitimate site is misspelled, and the fake URL with the incorrect spelling takes you to a fake website.


Smishing uses a text message to trick you into revealing private information. The text message carries a link that downloads malware to steal your data, like your banking details. Another smishing tactic involves posing as a reputed institution and asking for your personal information. You may also find a scammer posing as a tax department official to steal your financial information.

How To Protect Yourself from Phishing

Now that we have made you aware of the basics of phishing, we share with you two very effective tips on countering them.

  • Avoid clicking on any links or attachments that come in suspicious emails.
  • If you have received an email from a suspicious source pretending to be a reputed organization, we suggest that you open a new tab on your web browser. You can then go to the organization’s website on the new tab to confirm if the organization is indeed sending emails to its customers. Again, you may call the organization seeking clarification. The best thing to do is to open the organization’s official website and avoid clicking on the link or attachment altogether.
  • Install a VPN. A Virtual Private Network can protect you from phishing attacks. Such tools encrypt your internet traffic and hide your IP address. However, tools like Atlas VPN take a step further. Through additional features, you can block potentially dangerous websites and ads. Thus, it is possible that it will prevent you from accessing a shady or fake website.


Despite Google’s best efforts, phishing emails still reach you. Crimes like link manipulation and smishing are still rampant. Cybercrime is a threat that looms over all of us. Staying protected is important. Stay cautious and follow our tips to protect against online frauds like phishing.

Kehl Bayern

Kehl Bayern ( is our staff news writer and has over a decade of experience in online media and publishing. In terms of photography, he is interested in architecture and modern design....

Leave a comment

Your email address will not be published. Required fields are marked *