Google’s security experts have notified between 51-100 Indian users that their accounts were targets of “state-sponsored” attackers in April, the tech giant announced in its blog post dated Wednesday. Google however, did not specify whether the attackers were backed by the users’ own governments or a foreign party.
It was only last November that the company had warned close to 500 Indians against “government-backed phishing” between July and September 2019. The latest developments are thus only a resurgence.
On a global scale, the company claims to have sent out 1755 warnings to users related to government-backed threatening.A ccording to Google, the attacks have taken place across 50 countries worldwide. While the blog post went on to share the company’s recent uncovered information about state backed threats and misinformation, further details are to be released in quarterly bulletins.
Google has identified various intentions of the state that could explain these activities. Firstly, they may be aimed at collecting intelligence or the theft of intellectual property. Secondly, the state may be targeting activists or dissidents engaging in misinformation campaigns or influence operations.
A distinct section of phishing activities have also been identified to be “COVID-themed attacks”. “As others have reported, we have been seeing a resurgence in COVID-related hacking and phishing attempts from numerous commercial and government-backed attackers” said Google.
An example of this section of attackers includes “hack-for-hire” firms identified by Google, many of which are based in India. These are typically targeted at leaders in financial services, consulting and healthcare operations in various countries. The attackers lure individuals in by inviting them to sign up for COVID-19 related notification from WHO. Instead, the users are then linked to sites run by the attackers which strongly resemble the official WHO website.
These sites eventually attain personal information such as phone numbers and Google account credentials through counterfeit login pages.
In an effort to reduce instances of phishing and hacking, the tech giant claims to have removed thousands of YouTube channels linked to such campaigns. In the case of India specifically, 3 advertisement accounts, one adservice account and 11 YouTube channels have been terminated.
The blog post also mentions that the tech giant is directing efforts and building tools to identify, track and stop such activities. Google is working with law enforcement firms, industry partners, third parties and ‘Trust and Safety teams’ set up by the company to prevent these activities.