Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns (Security News, November 2020)
Attackers are exploiting an array of Google services, including Forms, Firebase, Docs and more, to boost phishing and BEC campaigns.
Armorblox co-founder and head of engineering Arjun Sambamoorthy just published a report detailing how now-ubiquitous services like Google Forms, Google Docs and others are being used by malicious actors to give their spoofing attempts a false veneer of legitimacy, both to security filters and victims.
"Hosting the phishing page on a Google Form helps the initial email evade any security filters that block known bad links or domains," according to Sambamoorthy.
"Since Google's domain is inherently trustworthy, and Google forms are used for several legitimate reasons, no email security filter would realistically block this link on 'day zero.'"
Sambamoorthy told Threatpost that the security responsibility does not rest on Google alone and that organizations should not rely solely on Google's security protections for their sensitive data.