Security News > 2020 > May > Crooks Tap Google Firebase in Fresh Phishing Tactic

Crooks Tap Google Firebase in Fresh Phishing Tactic
2020-05-21 12:00

A series of phishing campaigns using Google Firebase storage URLs have surfaced, showing that cybercriminals continue to leverage the reputation of Google's cloud infrastructure to dupe victims and skate by secure email gateways.

Using the Firebase storage API, companies can store data in a Google cloud storage bucket.

The phishing effort starts with spam emails that encourage recipients to click on a Firebase link inside the email in order to visit promised content, according to Trustwave researcher Fahim Abbasi, writing in an analysis released Thursday.

"Since it's using Google Cloud Storage, credential-capturing webpages hosted on the service are more likely to make it through security protections like Secure Email Gateways due to the reputation of Google and the large base of valid users," Karl Sigler, senior security research manager, SpiderLabs at Trustwave.

"In this campaign, threat actors leverage the reputation and service of the Google Cloud infrastructure to conduct phishing by embedding Google firebase storage URLs in phishing emails."


News URL

https://threatpost.com/crooks-tap-google-firebase-in-fresh-phishing-tactic/155967/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 102 253 4223 4523 728 9727