Security News > 2020 > July > Phishing attacks hiding in Google Cloud to steal Microsoft account credentials
2020-07-21 13:08
By hosting phishing pages at a legitimate cloud service, cybercriminals try to avoid arousing suspicion, says Check Point Research.
The idea is that such phishing pages will better elude detection by security products and more easily ensnare unsuspecting victims.
A recent phishing attack analyzed by cyber threat intelligence provider Check Point Research is using Google Cloud services to conceal its malicious intent.
Built to resemble a Microsoft SharePoint notice, the PDF contains a link to Access Document, which takes the user to the actual phishing page.
Through the entire journey from the initial PDF document to the final PDF report, the campaign appears to be convincing, especially because the phishing page is hosted on Google Cloud.
News URL
Related news
- Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- Australian pension funds hit by wave of credential stuffing attacks (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Phishing kits now vet victims in real-time before stealing credentials (source)
- iOS devices face twice the phishing attacks of Android (source)
- Microsoft Defender will isolate undiscovered endpoints to block attacks (source)