Security News > 2020 > November > Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns
Attackers are exploiting an array of Google services, including Forms, Firebase, Docs and more, to boost phishing and BEC campaigns.
Armorblox co-founder and head of engineering Arjun Sambamoorthy just published a report detailing how now-ubiquitous services like Google Forms, Google Docs and others are being used by malicious actors to give their spoofing attempts a false veneer of legitimacy, to both security filters and victims.
"Hosting the phishing page on a Google Form helps the initial email evade any security filters that block known bad links or domains," according to Sambamoorthy.
"Since Google's domain is inherently trustworthy, and Google forms are used for several legitimate reasons, no email security filter would realistically block this link on 'day zero.'"
Sambamoorthy told Threatpost that the security responsibility does not rest on Google alone and that organizations should not rely solely on Google's security protections for their sensitive data.