Is it true ? Google Docs Forms Abused by Microsoft ?

Security researchers detected numerous phishing campaigns that leveraged a Google Docs Form to goal users’ Microsoft credentials.

Cofense located that the phishing emails originated from a compromised email account with privileged get entry to to monetary offerings company CIM Finance. By the use of CIM Finance’s internet site to host their phishing emails, the malicious actors ensured that their messages could bypass famous email security tests along with DKIM and SPF.

The emails themselves masqueraded as notifications from the IT crew informing recipients that they had to “replace their Office 365” if they desired to prevent the suspension in their accounts. By creating this feel of urgency, nefarious individuals attempted to stress recipients into clicking at the “Update Now” button.
It’s at that point while the Google Docs Form came into play. As explained by means of Cofense in its research:

This threat actor set up a staged Microsoft form hosted on Google that provides the authentic SSL certificate to entice end recipients to believe they are being linked to a Microsoft page associated with their company. However, they are instead linked to an external website hosted by Google….

With this setup, phishers created a fake Microsoft Office 365 login page. This web page outstanding itself from Microsoft’s valid login web page by means of capitalizing close to half of the words and occasionally replacing letters with asterisks. The phishing web page additionally displayed customers’ credentials in plaintext as they typed on this element into the shape’s input fields.

Upon filing their credentials, the campaign despatched this records off to the attackers through Google.

This attack highlights the want for agencies to bolster their e mail protection. One of the methods they are able to do that is via elevating their workforce’s consciousness of some of the maximum popular phishing assaults in movement today. Towards this stop, businesses can use this aid as the beginning of an ongoing protection cognizance education effort.

You May Also Like

About the Author: syed

Leave a Reply

Your email address will not be published. Required fields are marked *