Google says it sent out 1,755 warnings last month to notify users who were targeted by ‘government-backed attackers’. In an official blog post this week, the company said that hacking and phishing activities from “hack-for-hire” firms have been on the rise in the midst of the pandemic.

The victims of the state-sponsored hacking include people from several countries, including between 51 and 100 individuals from India. Google did not say whether they were targeted by the Indian government or by agents working for other nations, but claimed that many of the alleged hacking activities originated from India.

According to Google, many of these cyber-criminals have been creating Gmail accounts spoofing the World Health Organization (WHO). The accounts have largely targeted business leaders in financial services, consulting and healthcare corporations in a number of countries, including the US, Slovenia, Canada, India, Bahrain, Cyprus and the UK.

As for their modus operandi, they’re looking to lure unsuspecting users into signing-up for COVID-19 newsletters from the WHO. Of course, they have no affiliation with the WHO and are using a fake site that looks suspiciously like the real deal, but in reality, is an attempt to get potential victims to give up their Google account credentials, and occasionally, even their phone numbers.

Spoofed WHO Newsletter sign-up prompt (Image Courtesy: Google)

Through their devious means, the state-sponsored hackers are mostly looking to collect intelligence or steal intellectual property, says Google. Some of the cyber-criminals also target activists, while others attempt to launch ‘coordinated influence operations’ and disinformation campaigns. To prevent the spread of misinformation, Google says it has removed more than a thousand YouTube channels that were part of a large campaign and were behaving in a coordinated manner.