Security News > 2023 > October > New Netskope Report Exposes Increasing Use of Cloud Apps to Spread Malware

A new report from Netskope detailing the top techniques used by cybercriminals to attack organizations found that cloud apps are increasingly being used by threat actors, representing 19% of all clicks on spearphishing links.

Netskope recently reported that Microsoft OneDrive is the most popular cloud app used in enterprises, so it is not a surprise that attackers leverage this target a lot, alongside Microsoft Teams, SharePoint and Outlook.

Social media platforms and messaging apps: Attackers leverage popular social media platforms or messaging apps to reach targets with various baits.

Voicemail and text messages: Attackers target users with voicemail or SMS to spread phishing links.

Ray Canzanese, director of Netskope Threat Labs, told TechRepublic via email, that, "PDFs are popular among attackers because they are so commonly used for invoices, bills and other important correspondence. Adversaries create fake invoices and send them to their victims. Often, the only indicators that it is malicious are the URL or phone number it contains, and adversaries use obfuscation techniques to hide that from security solutions. These PDFs are created at such high volume and with so many variants that it is currently difficult for some security solutions to keep up. As with any adversary trends, security solutions will catch up and attackers will pivot to a new set of phishing techniques."

Attackers now use cloud storage apps a bit more than web storage on average for the first quarters of 2023.

News URL

https://www.techrepublic.com/article/netskope-cloud-threat-report-malware/