The coronavirus has brought out the worst in online malicious actors seeking to capitalize on public interest and fear related to the epidemic. And Google is responding with a defense built into Gmail. But Google can't catch everything.

A new blog post on Google Cloud outlines what Google is doing to protect businesses and users from the latest cyber threats and offers tips on how to protect yourself.

According to Google, phishing attacks and scams, whether based on fear or financial motivation, create a false sense of urgency to get users to respond. One example is an attempt to impersonate the World Health Organization to solicit fraudulent donations or distribute malware.

Google cites another phishing attack targeting telecommuting employees. The modus operandi of this phishing scam is to try to get users to click on a link and add it to their benefits payroll for the next few months. It then instructs a deadline to act within 48 hours.

Yet another urges users to download the attached invoice with the subject line "COVID-19 Payment." This is an attempt to mimic the government in order to make it appear as if the e-mail is promoting access to the stimulus package. Other e-mails attempt to steal personal information from people working from home.

The good news is that Google claims that it continues to block more than 99.9% of the spam, phishing, and malware that reaches Gmail users. It is also improving security with more proactive features.

This includes monitoring for COVID-19 related malware and phishing and adding it to Google's Safe Browsing API. This will protect users not only in Gmail, but also in Crome and other integrated Google products.

If you are using G Suite, advanced phishing and malware controls are on by default, according to Google. In other words, all of these proactive protections are automatically enabled. For example, Gmail for G Suite identifies emails with unusual attachment types or that attempt to spoof the company's domain, and displays a warning banner, sends it to spam, or quarantines the message.

To protect yourself, Google offers a list of best practices that apply to organizations and everyday users. This includes completing this security checkup to improve the security of your account. You should also avoid downloading files you don't recognize; you can always use the document preview built into Gmail.

You can also do your part by checking the integrity of the URL before providing credentials or clicking on links; according to Google, fake URLs mimic real ones and contain additional words. If you receive a phishing email, you can report the phishing email using Google's support resources.