Security News
The threat actors behind a large-scale adversary-in-the-middle phishing campaign targeting enterprise users of Microsoft email services have also set their sights on Google Workspace users. The AitM phishing attacks are said to have commenced in mid-July 2022, following a similar modus operandi as that of a social engineering campaign designed to siphon users' Microsoft credentials and even bypass multi-factor authentication.
Google Cloud announced 11 new G Suite security features on Tuesday. The Google Cloud upgrades optimize security across G Suite's key products: Gmail, Meet, and Chat.
Security researchers have tested nearly 1,000 enterprise apps offered on Google's G Suite Marketplace and discovered that many ask for permission to access to user data via Google APIs as well as to communicate with external services. The G Suite Marketplace is an online "App store" from which enterprise applications that are integrated with G Suite can be added to an entire domain or to individual G Suite accounts.
Business email compromise attacks continue to be a thorn in companies' sides, with the FBI in its IC3 annual cybercrime report saying that the attacks cost victims $1.7 billion in 2019. Making matters worse, BEC cybergangs are turning to new tactics and tricks to avoid detection and capitalize on existing victims.
The menace of Business Email Compromise is often overshadowed by ransomware but it's something small and medium-sized businesses shouldn't lose sight of. Bang on cue, the FBI Internet Crime Complaint Center has alerted US businesses to ongoing attacks targeting organisations using Microsoft Office 365 and Google G Suite.
A group of business email compromise scammers that targeted thousands in the United States employed Google's G Suite for their infrastructure, Agari reports. Active since at least 2013, the group engaged in check fraud schemes in 2014, and has sent out thousands of fake checks since then, "Adding up to millions of dollars in fraudulent funds using this scheme and others like it," Agari says in their report.
Like many other BEC scammers, this group primarily runs its activities from Nigeria, but it also has operations in Ghana and Kenya, according to the report. Although the BEC gang originally focused on more traditional check fraud when it started operations in 2013, the group switched to BEC schemes starting around mid-2017, the researchers determined.
The cybercrime ring is unique in its leveraging of Google's cloud-based productivity suite, G Suite, and for its use of physical checks for collecting fraudulent payments - as opposed to wire transfers. "For Exaggerated Lion, their use of physical checks as a cashout mechanism sets them apart from other BEC groups and their evolution to creating fake documents that are commonly used in authentic business transactions to add legitimacy to their scams."
Google this week announced plans to turn off access to G Suite account data for less secure apps (LSAs), as they represent a potential security risk for users. read more
Earlier this year, Google provided G Suite admins and users with a new 2FA option: one-time security codes based on security keys. Now it offers an new option to make them more secure: admins can...