Kaspersky Blog: “Google Docs used for Office 365 credential phishing” - By Roman Dedenok - May 6, 2021
Since the onset of the COVID-19 pandemic, many companies have moved much of their workflows online and learned to use new collaboration tools. In particular, Microsoft’s Office 365 suite has seen a lot more use — and, to no one’s surprise, phishing now increasingly targets those user accounts. Scammers have been resorting to all sorts of tricks to get business users to enter their passwords on a website made to look like Microsoft’s sign-in page. Here is another phishing scheme that makes use of Google services.
Phishing letter
As most phishing schemes, this one begins with a letter (and link) similar to this one:
The unclear message from an unknown sender concerns some kind of deposit and includes a link having to do with “Deposit Advice.” The letter asks the recipient to check on the deposit type or confirm the sum. Now, although security systems alert recipients about the letter coming from outside the company, the link “to the file” passes muster because it connects to a legitimate Google online service, not a phishing site.
Phishing site
The link leads to a location that appears to be the OneDrive corporate service page. Users can even see that the document is available to any company user (made so likely in hopes someone will forward the link to a corporate accountant)...
Read More:
Since the onset of the COVID-19 pandemic, many companies have moved much of their workflows online and learned to use new collaboration tools. In particular, Microsoft’s Office 365 suite has seen a lot more use — and, to no one’s surprise, phishing now increasingly targets those user accounts. Scammers have been resorting to all sorts of tricks to get business users to enter their passwords on a website made to look like Microsoft’s sign-in page. Here is another phishing scheme that makes use of Google services.
Phishing letter
As most phishing schemes, this one begins with a letter (and link) similar to this one:
The unclear message from an unknown sender concerns some kind of deposit and includes a link having to do with “Deposit Advice.” The letter asks the recipient to check on the deposit type or confirm the sum. Now, although security systems alert recipients about the letter coming from outside the company, the link “to the file” passes muster because it connects to a legitimate Google online service, not a phishing site.
Phishing site
The link leads to a location that appears to be the OneDrive corporate service page. Users can even see that the document is available to any company user (made so likely in hopes someone will forward the link to a corporate accountant)...
Read More:
Zaloguj
lub
Zarejestruj się
aby zobaczyć!
