Security News > 2021 > May > Microsoft, Google Clouds Hijacked for Gobs of Phishing

Threat actors are cashing in on the rapid shift to cloud-based business services during the pandemic, by hiding behind ubiquitous, trusted services from Microsoft and Google to make their email phishing scams look legit.

In the first three months of 2021 alone, researchers found 7 million malicious emails sent from Microsoft 365 and a staggering 45 million sent from Google's infrastructure, Proofpoint reported, adding that cybercriminals have used Office 365, Azure, OneDrive, SharePoint, G-Suite and Firebase storage to send phishing emails and host attacks.

Proofpoint provided several examples of campaigns hiding behind Microsoft and Google that attempted to scam users into giving up their information or delivering malware.

Attackers used Gmail to host another campaign starting in March, which delivered a fraudulent benefits message along with a Microsoft Excel attachment, which when macros were enabled, delivered The Trick banking trojan to steal credentials.

Attackers' use of Gmail and Microsoft to lend a patina of legitimacy to their emails is part of a wider trend: Threat actors are generating increasingly convincing lures.

"Our research clearly demonstrates that attackers are using both Microsoft and Google infrastructure to disseminate malicious messages and target people, as they leverage popular cloud-collaboration tools," The Proofpoint report added.

News URL

https://threatpost.com/microsoft-google-clouds-hijacked-phishing/166329/