Phishing campaign uses Google Cloud Services to steal Office 365 logins

[silversurfer]

Content source

https://www.bleepingcomputer.com/news/security/phishing-campaign-uses-google-cloud-services-to-steal-office-365-logins/

Fraudsters looking to collect login details are increasingly turning to public cloud services to host lure documents and phishing pages, making it more difficult for targets to detect the attack.

The trend has gained traction among cybercriminals, who rely on multiple cloud services to host phishing landing pages and the lure documents redirecting to them.

In a campaign this year, fraudsters set up a clever scenario that involves multiple legitimate elements to hide the theft of Office 365 credentials.

Researchers at Check Point describe in a report today that the attackers relied on Google Drive to host a malicious PDF document and Google’s “storage.googleapis[.]com” to host the phishing page.

Researchers full report below:

How scammers are hiding their phishing trips in public clouds

Check Point researchers warn and cite an example of a fast-growing trend in which hackers are concealing phishing attacks on Google Cloud Services.

blog.checkpoint.com