Security News > 2020 > July > Phishing attacks hiding in Google Cloud to steal Microsoft account credentials
2020-07-21 13:08
By hosting phishing pages at a legitimate cloud service, cybercriminals try to avoid arousing suspicion, says Check Point Research.
The idea is that such phishing pages will better elude detection by security products and more easily ensnare unsuspecting victims.
A recent phishing attack analyzed by cyber threat intelligence provider Check Point Research is using Google Cloud services to conceal its malicious intent.
Built to resemble a Microsoft SharePoint notice, the PDF contains a link to Access Document, which takes the user to the actual phishing page.
Through the entire journey from the initial PDF document to the final PDF report, the campaign appears to be convincing, especially because the phishing page is hosted on Google Cloud.
News URL
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Google Cloud introduces quantum-safe digital signatures in KMS (source)
- Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Google Announces Quantum-Safe Digital Signatures in Cloud KMS, Takes “Post-Quantum Computing Risks Seriously” (source)