-
Phishing campaigns are now regarded as among the most prevalent cybersecurity threats as COVID-19 strands people at home, but after months of isolation, official data has confirmed it.
-
A new report from Barracuda released today shows 100,000 attacks impersonating reputable brands, including Google and Microsoft, have targeted remote workers.
-
More generally, 4% of all spear-phishing attacks in the period between January and April were made up by Google-brand impersonations, with that number expected to climb.
It’s no secret that phishing campaigns are now regarded as among the most prevalent cybersecurity threats as COVID-19 strands people at home, but after months of isolation, official data has confirmed it. A new report from Barracuda released today shows 100,000 attacks impersonating reputable brands, including Google and Microsoft, have targeted remote workers between January 1 and April 30 2020. 65% of this figure impersonated Google, mostly via file-sharing and storage websites – including storage.googleapis.com (25%) docs.google.com (23%), storage.cloud.google.com (13%), and drive.google.com (4%). More generally, 4% of all spear-phishing attacks in the period between January and April were made up by Google-brand impersonations, with that number expected to climb.
Brand-impersonation spear-phishing attacks have always been a popular and successful method of harvesting a user’s login credentials, and with more people than ever working from home, it’s no surprise that cyber criminals are taking the opportunity to flood people’s inboxes with these scams,” says Barracuda Networks UK systems engineer manager Steve Peake. “The sophistication of these attacks has accelerated in recent times: now, hackers can even create an online phishing form or page using the guise of legitimate services, such as forms.office.com, to trick unsuspecting users." Barracuda reported that Microsoft brands were targeted in 13% of attacks: onedrive.live.com (6%), sway.office.com (4%), and forms.office.com (3%).
Learn more: GOOGLE AND KPMG SECURITY EXPERTS SHARE THEIR INSIGHTS ON COVID-19 RELATED CYBER SCAMS
.
“Brand-impersonation spear-phishing attacks have always been a popular and successful method of harvesting a user’s login credentials, and with more people than ever working from home, it’s no surprise that cyber criminals are taking the opportunity to flood people’s inboxes with these scams,”
~ Steve Peake Barracuda Networks UK systems
This comes as Microsoft warned its userbase this week of a new widespread COVID-19 themed phishing campaign that installs the NetSupport Manager remote administration tool to completely take over a user's system and execute commands on it remotely. Microsoft’s Security Intelligence team claimed the campaign involved the usage of malicious Excel attachments to infect user's devices with a remote access trojan (RAT), with the initial attack beginning with an email impersonating the Johns Hopkins Center, a major source of credible COVID-19 news. Spear-phishing campaigns like this, which trick victims into sharing login credentials, have enjoyed massive success during the pandemic.
“The sophistication of these attacks has accelerated in recent times: now, hackers can even create an online phishing form or page using the guise of legitimate services, such as forms.office.com, to trick unsuspecting users."
Fortunately, there are ways to protect oneself against these cyber, such as implementing multi-factor authentication steps on all log-in pages so that hackers will require more than just a password to gain access to your data,”says Peake. “Other, more sophisticated methods of cyber protection include using email security software, such as API based inbox defence, which uses artificial intelligence to detect and block attacks.” Attackers use many tricks, including by leveraging enterprise brand assets, such as company names and logos, to develop phishing websites that appear authentic and lure internet users to enter valuable information such as user names and passwords. Phishing Protection helps prevent users from accessing phishing sites by identifying various signals associated with malicious content, including the use of your brand assets, classifying malicious content that uses your brand and reporting the unsafe URLs to Google Safe Browsing.
This is through a combination of factors, including heightened fears over a globally penetrating issue and the worldwide trend of remote working, which increases risk landscapes generally.
Google's Threat Analysis Group (TAG) works to counter targeted and government-backed hacking against Google and our users. This is an area we have invested in deeply for over a decade. Our daily work involves detecting and defeating threats, and warning targeted users and customers about the world’s most sophisticated adversaries, spanning the full range of Google products including Gmail, Drive and YouTube .In the past, we’ve posted on issues like phishing campaigns vulnerabilities and disinformation. Going forward, we’ll share more technical details and data about the threats we detect and how we counter them to advance the broader digital security discussion.
Learn more:
NEW CYBER THREAT INDEX SHOWS INDUSTRIES ARE UNDER ATTACK IN UNCERTAIN TIMES
.