Security News > 2020 > July > Phishing attacks hiding in Google Cloud to steal Microsoft account credentials
By hosting phishing pages at a legitimate cloud service, cybercriminals try to avoid arousing suspicion, says Check Point Research.
The idea is that such phishing pages will better elude detection by security products and more easily ensnare unsuspecting victims.
A recent phishing attack analyzed by cyber threat intelligence provider Check Point Research is using Google Cloud services to conceal its malicious intent.
Built to resemble a Microsoft SharePoint notice, the PDF contains a link to Access Document, which takes the user to the actual phishing page.
Through the entire journey from the initial PDF document to the final PDF report, the campaign appears to be convincing, especially because the phishing page is hosted on Google Cloud.
News URL
Related news
- Google Cloud to make MFA mandatory by the end of 2025 (source)
- Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users (source)
- All Google Cloud users will have to enable MFA by 2025 (source)
- Google Cloud Cybersecurity Forecast 2025: AI, geopolitics, and cybercrime take centre stage (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)
- Hackers steal 15,000 cloud credentials from exposed Git config files (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)