Warning: Microsoft and Google Clouds are being abused to launch large-scale phishing campaigns
Notably, during the global pandemic so far, cybercriminals have taken advantage of the rapid shift of the business community towards cloud-based business services. cloud, thereby hiding malicious email scams behind popular, trusted services from major vendors like Microsoft and Google.
More specifically, security researchers from the cybersecurity organization Proofpoint discovered a total of more than 7 million malicious emails sent from Microsoft 365, along with 45 million phishing emails sent from the infrastructure. Google's floors, all of which were recorded in only the first 3 months of 2021. In addition, the investigation results also show that cybercriminal groups have also very effectively abused popular services such as Office 365, Azure, OneDrive, SharePoint, G-Suite, and Firebase to send phishing emails and attack target servers.
'The volume of malicious messages from these trusted cloud services has exceeded the size of any large botnet detected in 2020. Besides, the reputation and popularity of these This domain, typically outlook.com and sharepoint.com, is also a factor that greatly increases the difficulty of malicious email detection for security teams and even individual users', The report from Proofpoint said.
A lot of organizations are targeted for cloud phishing
Basically, just a single breached account can provide hackers with broad access to the entire network of an organization or business. As estimated by ProofPoint, up to 95% of organizations surveyed have been targeted by hackers through a cloud account compromise, and it is worth mentioning that more than half of that has been done. currently successful.
Once attackers gain credentials to an internal account, they can quickly abuse a combination of different services to send out more convincing phishing emails.
For example, Proofpoint detected a phishing email campaign that included a Microsoft SharePoint URL that was intended to lead recipients to a document detailing COVID-19 prevention guidelines, but actually contained malicious code. . This malicious message was sent to more than 5,000 people working in the transportation, manufacturing and sales services of several businesses in the United States.
Another login phishing campaign recently discovered by the Proofpoint team used the .onmicrosoft.com domain name to redirect the target to a fake webmail authentication page, designed to steal steal their login credentials to their online conference accounts. During this campaign, at least 10,000 malicious emails were sent aimed at people working in the fields of consumer manufacturing, technology and financial services.
In summary, Proofpoint's research clearly shows that cybercriminals are actively abusing popular cloud communication tools to spread malicious messages and target users of their infrastructure. a series of major vendors, including Microsoft and Google.
This reality, combined with the rise of ransomware, supply chain attacks, and cloud account breaches, makes building human-centered advanced email security strategies a continued priority. leading enterprise security administrators.
You should read it
- [Infographic] How to recognize and prevent Phishing attacks
- Learn about the Adversary-in-the-Middle phishing attack method
- What is Spear Phishing?
- New phishing attacks appear to use Google Translate as a disguise
- What is IPFS Phishing attack? How to avoid?
- How to protect yourself from phishing attacks via mobile phones
- 5 signs to identify phishing websites
- GitHub is under strong phishing attack, users pay attention to account security
May be interested
- Warning: Phishing attacks targeting Microsoft Teams show signs of sharp increasemicrosoft teams is reluctant to be the new target that online scammers are targeting.
- Microsoft shows how to avoid trapping phishingmicrosoft has issued a warning and recommended ways to protect users of e-mail services ...
- Learn about the Adversary-in-the-Middle phishing attack methodphishing attacks are extremely common right now. this method of cybercriminals can be very effective in stealing data and does not require a large amount of work at the grassroots level.
- Microsoft opened a store specializing in selling Google toysfor a long time, microsoft and google disliked each other and the two companies were always looking for ways to subdue their competitors. microsoft has repeatedly launched advertising campaigns that advise users not to use google's services, saying that search companies are always looking for ways to track their usage habits to earn money for advertising.
- [Infographic] 4 types of Phishing are easy to trap usersphishing often appears as a reliable activity by legitimate companies or a reputable electronic information site like ebay, paypal, gmail ..
- Google Alert is being used to spread malicious codeby using fake data leak notifications, hackers have taken advantage of google alert itself to spread malware and other phishing campaigns.
- What is Spear Phishing?you may have encountered spear phishing. when using this technique, cyber criminals will send you a message from an audience you know, asking you to provide your personal information.
- 24 impressive images of colorful clouds of the Carina Nebulalet's explore 24 impressive images of the colorful clouds of the carina nebula!
- Cybercriminals are using Microsoft Teams calls to commit fraudcybercriminals are calling people over microsoft teams pretending to be a company and offering help, but they won't do anything.
- Guide to blending clouds into beautiful and simple photoswith this application, you can pair the clouds into photos, blend the sky into photos in the easiest way