Security News > 2021 > May > Microsoft, Google Clouds Hijacked for Gobs of Phishing
Threat actors are cashing in on the rapid shift to cloud-based business services during the pandemic, by hiding behind ubiquitous, trusted services from Microsoft and Google to make their email phishing scams look legit.
In the first three months of 2021 alone, researchers found 7 million malicious emails sent from Microsoft 365 and a staggering 45 million sent from Google's infrastructure, Proofpoint reported, adding that cybercriminals have used Office 365, Azure, OneDrive, SharePoint, G-Suite and Firebase storage to send phishing emails and host attacks.
Proofpoint provided several examples of campaigns hiding behind Microsoft and Google that attempted to scam users into giving up their information or delivering malware.
Attackers used Gmail to host another campaign starting in March, which delivered a fraudulent benefits message along with a Microsoft Excel attachment, which when macros were enabled, delivered The Trick banking trojan to steal credentials.
Attackers' use of Gmail and Microsoft to lend a patina of legitimacy to their emails is part of a wider trend: Threat actors are generating increasingly convincing lures.
"Our research clearly demonstrates that attackers are using both Microsoft and Google infrastructure to disseminate malicious messages and target people, as they leverage popular cloud-collaboration tools," The Proofpoint report added.
News URL
https://threatpost.com/microsoft-google-clouds-hijacked-phishing/166329/
Related news
- Google Cloud to make MFA mandatory by the end of 2025 (source)
- Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users (source)
- All Google Cloud users will have to enable MFA by 2025 (source)
- Google Cloud Cybersecurity Forecast 2025: AI, geopolitics, and cybercrime take centre stage (source)
- Microsoft disrupts ONNX phishing-as-a-service infrastructure (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- New Rockstar 2FA phishing service targets Microsoft 365 accounts (source)
- HubSpot phishing targets 20,000 Microsoft Azure accounts (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)