Google Top Choice for Cybercriminals for Brand-Impersonation Spear-Phishing Campaigns

Google | May 28, 2020

  • Phishing campaigns are now regarded as among the most prevalent cybersecurity threats as COVID-19 strands people at home, but after months of isolation, official data has confirmed it.

  • A new report from Barracuda released today shows 100,000 attacks impersonating reputable brands, including Google and Microsoft, have targeted remote workers.

  • More generally, 4% of all spear-phishing attacks in the period between January and April were made up by Google-brand impersonations, with that number expected to climb.


It’s no secret that phishing campaigns are now regarded as among the most prevalent cybersecurity threats as COVID-19 strands people at home, but after months of isolation, official data has confirmed it. A new report from Barracuda released today shows 100,000 attacks impersonating reputable brands, including Google and Microsoft, have targeted remote workers between January 1 and April 30 2020. 65% of this figure impersonated Google, mostly via file-sharing and storage websites – including storage.googleapis.com (25%) docs.google.com (23%), storage.cloud.google.com (13%), and drive.google.com (4%). More generally, 4% of all spear-phishing attacks in the period between January and April were made up by Google-brand impersonations, with that number expected to climb.


Brand-impersonation spear-phishing attacks have always been a popular and successful method of harvesting a user’s login credentials, and with more people than ever working from home, it’s no surprise that cyber criminals are taking the opportunity to flood people’s inboxes with these scams,” says Barracuda Networks UK systems engineer manager Steve Peake. “The sophistication of these attacks has accelerated in recent times: now, hackers can even create an online phishing form or page using the guise of legitimate services, such as forms.office.com, to trick unsuspecting users." Barracuda reported that Microsoft brands were targeted in 13% of attacks: onedrive.live.com (6%), sway.office.com (4%), and forms.office.com (3%).



Learn more: GOOGLE AND KPMG SECURITY EXPERTS SHARE THEIR INSIGHTS ON COVID-19 RELATED CYBER SCAMS .
 

“Brand-impersonation spear-phishing attacks have always been a popular and successful method of harvesting a user’s login credentials, and with more people than ever working from home, it’s no surprise that cyber criminals are taking the opportunity to flood people’s inboxes with these scams,”

~ Steve Peake Barracuda Networks UK systems


This comes as Microsoft warned its userbase this week of a new widespread COVID-19 themed phishing campaign that installs the NetSupport Manager remote administration tool to completely take over a user's system and execute commands on it remotely. Microsoft’s Security Intelligence team claimed the campaign involved the usage of malicious Excel attachments to infect user's devices with a remote access trojan (RAT), with the initial attack beginning with an email impersonating the Johns Hopkins Center, a major source of credible COVID-19 news. Spear-phishing campaigns like this, which trick victims into sharing login credentials, have enjoyed massive success during the pandemic.

“The sophistication of these attacks has accelerated in recent times: now, hackers can even create an online phishing form or page using the guise of legitimate services, such as forms.office.com, to trick unsuspecting users."


Fortunately, there are ways to protect oneself against these cyber, such as implementing multi-factor authentication steps on all log-in pages so that hackers will require more than just a password to gain access to your data,”says Peake. “Other, more sophisticated methods of cyber protection include using email security software, such as API based inbox defence, which uses artificial intelligence to detect and block attacks.” Attackers use many tricks, including by leveraging enterprise brand assets, such as company names and logos, to develop phishing websites that appear authentic and lure internet users to enter valuable information such as user names and passwords. Phishing Protection helps prevent users from accessing phishing sites by identifying various signals associated with malicious content, including the use of your brand assets, classifying malicious content that uses your brand and reporting the unsafe URLs to Google Safe Browsing.


This is through a combination of factors, including heightened fears over a globally penetrating issue and the worldwide trend of remote working, which increases risk landscapes generally. Google's Threat Analysis Group (TAG) works to counter targeted and government-backed hacking against Google and our users. This is an area we have invested in deeply for over a decade. Our daily work involves detecting and defeating threats, and warning targeted users and customers about the world’s most sophisticated adversaries, spanning the full range of Google products including Gmail, Drive and YouTube .In the past, we’ve posted on issues like phishing campaigns vulnerabilities and disinformation. Going forward, we’ll share more technical details and data about the threats we detect and how we counter them to advance the broader digital security discussion.


Learn more: NEW CYBER THREAT INDEX SHOWS INDUSTRIES ARE UNDER ATTACK IN UNCERTAIN TIMES .
 

Spotlight

The progression of technology these past several years, has also brought an increase in cyber attacks. This problem has developed into a serious national threat, creating a growing demand in the cyber security profession. This increase is expected to continue to grow in this decade making a degree or certificate in cybersecurity and information assurance a great opportunity for job seekers. The infographic below highlights the need for increased awareness in cybersecurity and information assurance in today’s society.


Other News
DATA SECURITY

Dataprise Expands its DRaaS and Data Protection Offerings with Acquisition of Industry Leader Global Data Vault

Dataprise | January 18, 2022

Dataprise, a leading strategic IT managed service provider, today announced the acquisition of Global Data Vault, a leader in Disaster-Recovery-as-a-Service (DRaaS), Backup-as-a-Service (BaaS) and modern data protection solutions. The addition of Global Data Vault creates one of the industry's broadest portfolios of integrated data protection and cybersecurity offerings to solve client's toughest business resilience, risk mitigation and compliance challenges. "Clients turn to Dataprise to be their one strategic IT partner, which requires we bring the broadest portfolio of services powered by the best technology and deepest expertise. Today, the mandate for a holistic cybersecurity and data protection strategy is a top priority for our clients, Global Data Vault is a powerful addition as they bring industry leading cloud-based data protection solutions that bolster our premier cybersecurity portfolio, top-notch employees, a strong Veeam partnership, and relentless focus on client success." Steve Lewis, CEO of Dataprise Founded in 2004, Global Data Vault is a recognized leader in the BaaS and DRaaS industry and holds the distinction of being a Platinum Veeam Cloud & Service Provider. Global Data Vault's mission is to protect organizations' critical data with modern data protection strategies to ensure business continuity and eliminate downtime. Headquartered in Dallas, TX, Global Data Vault protects hundreds of clients across the United States, Canada, and the United Kingdom. "Our clients are facing new challenges driven by dramatic changes in the cybersecurity threat landscape and evolution of IT strategies including cloud adoption," said Anthony Galley, Chairman of Global Data Vault. "Dataprise has an enviable portfolio of cybersecurity, managed IT services, and cloud services that enhance the value of our modern data protection and DRaaS offerings. Together with Dataprise we are perfectly positioned to provide our clients even greater value." "We're excited for the opportunity that joining Dataprise presents for our clients, employees and partners. We now have a much broader set of services, capabilities and resources all aimed at protecting client data and ensuring business continuity," said Will Baccich, CEO of Global Data Vault. This marks Dataprise's second acquisition as the company executes on its strategy to build the broadest managed services portfolio and give clients one strategic IT partner to solve it all. The recent acquisition of Wireless Watchdogs added a comprehensive Mobility Managed Services (MMS) and Mobile Device Management (MDM) portfolio aimed at solving mobile device, Internet of Things (IoT) and endpoint management challenges. About Dataprise Founded in 1995, Dataprise believes that technology should enable our clients to be the absolute best at what they do. This commitment to client success is why Dataprise is recognized as the premier strategic managed service and security partner to strategic CIOs and IT leaders across the United States. Dataprise delivers best-in-class managed cybersecurity, disaster recovery as a service (DRaaS), managed infrastructure and managed end-user services that transform business, enhance user experiences, and eliminate risks.

Read More

DATA SECURITY

Axonius Unveils SaaS Management Solution to Combat Complexity, Cost, and Risk

Axonius | January 20, 2022

Axonius, the leader in cybersecurity asset management, today unveiled Axonius SaaS Management, a new comprehensive solution that helps security, IT, finance, and risk teams control the complexity, cost, and risk of software as a service (SaaS) with a single source of truth into their SaaS application landscape. As businesses rapidly increase consumption of SaaS applications, they face acute IT, security, and business challenges. The rate of SaaS adoption makes manual approaches to gaining a credible SaaS asset inventory woefully inadequate and exposes extremely difficult visibility challenges into both known and unknown SaaS applications. Compounding these visibility challenges, companies struggle to identify how data flows between apps, manage a myriad of configurations, and close security gaps, as well as track licensing and spend, across hundreds sometimes thousands of SaaS applications. Axonius SaaS Management lets customers address the operational and financial challenges of SaaS asset management, as well as the security and risk gaps, all via a seamless, nonintrusive deployment that delivers actionable insights from day one. This is the first product delivered by AxoniusX, the company’s innovation-focused business unit that launched in June 2021. “Over the past few years, we’ve seen tools emerge that address some aspects of SaaS management from either the business side or SaaS security posture management, but these approaches still leave companies with gaps in visibility and siloed information,We’ve built on our unique approach to cybersecurity asset management to deliver the same results for SaaS applications. With our rich history in building and maintaining API integrations with SaaS solutions, Axonius has the expertise and market traction to bring massive value to organizations struggling with the complexity of modern apps and infrastructure.” Amir Ofek, CEO and co-founder of AxoniusX Axonius SaaS Management uses adapters (API connections to data sources) and proprietary SaaS discovery tools to create a detailed inventory of all SaaS applications, permissions, and data flows. By connecting to all layers of the SaaS application stack, the solution discovers both the SaaS applications known to and sanctioned by organizations as well as shadow and unmanaged apps. This approach provides comprehensive visibility into all data types and interconnectivity flows, identifies misconfigurations and data security risks, and delivers actionable insights for better IT management and cost optimization. Axonius SaaS Management integrates with Axonius Cybersecurity Asset Management to provide a comprehensive platform that unifies all digital assets from SaaS apps to devices, user accounts, cloud assets, and more so customers can easily and effectively control complexity across the entire IT environment. About Axonius Axonius gives customers the confidence to control complexity by mitigating threats, navigating risk, automating response actions, and informing business-level strategy. With solutions for both cyber asset attack surface management (CAASM) and SaaS management, Axonius is deployed in minutes and integrates with hundreds of data sources to provide a comprehensive asset inventory, uncover gaps, and automatically validate and enforce policies. Cited as one of the fastest-growing cybersecurity startups, with accolades from CNBC, Forbes, and Fortune, Axonius covers millions of assets, including devices and cloud assets, user accounts, and SaaS applications, for customers around the world.

Read More

DATA SECURITY

Futurex Named a Leader in Hardware Security Modules by ABI Research

Futurex | February 25, 2022

Futurex receives top scores for cloud HSM service and strong cloud integration, extensive payment HSM platform, richest features, customer flexibility BULVERDE, Texas, February 24, 2022 — ABI Research, global technology intelligence firm, today named Futurex a leader in hardware security modules (HSMs). In its latest Hardware Security Module: OEM competitive assessment report, ABI Research gave Futurex, a leader in enterprise-class data security solutions, high scores for its cryptography-as-a-service options, extensive payment HSM offerings, rich features, hybrid deployment options, and customer flexibility. “The HSM market is changing rapidly. This is propelling highly flexible HSM offerings that can scale easily and adapt quickly to emerging demands,” the report by ABI Research reads. “Futurex showcases an extensive payment HSM platform with strong cloud integration and service availability, enabling it to carve itself a particularly successful niche in the HSM market which it is actively expanding.” “We are honored to be recognized by ABI Research as a leader in the HSM space,” said Ryan Smith, vice president, global business development, at Futurex. “Our four decades of HSM R&D, in-depth knowledge of enterprise security needs, and being the first in industry to offer cryptography-as-a-service, have made us the trusted HSM partner for the world’s largest enterprises.” Putting Innovation and Customers First ABI Research’s report highlights Futurex’s commitment to innovation by recognizing the operational flexibility and application versatility its HSMs have to offer. The report also noted that Futurex is the only company offering the same suite of features with its cloud HSM as with its on-premises hardware. With multiple payment HSM vendors currently going through end-of-life processes with their HSMs, organizations are looking for options including migrating their infrastructures to the cloud without changing any application code. As organizations look for robust security while optimizing costs with OPEX models, many turn to Futurex’s VirtuCrypt Cloud Payment HSM for their cryptographic needs. About Futurex For more than 40 years, Futurex has been a trusted provider of hardened, enterprise-class data security solutions. More than 15,000 organizations worldwide, including financial services providers and corporate enterprises, have used Futurex’s innovative hardware security modules, key management servers, and enterprise-class cloud solutions to address their mission-critical systems, data security, and cryptographic needs. This includes the secure encryption, storage, transmission, and certification of sensitive data. For more information, please visit futurex.com.

Read More

PLATFORM SECURITY

Cynamics Announces Dedicated Managed Security Service Provider (MSSP) Offering

Cynamics | March 07, 2022

Cynamics, leading provider of AI-driven Network Detection and Response solutions, today announced the release of their new offering which is dedicated for Managed Security Service Providers and Managed Service Providers. The Cynamics Managed Service solution delivers a comprehensive dashboard for Cynamics partners to view all aspects of their Cynamics services across all client networks. This new dashboard represents the next step in the continued evolution of the Cynamics solution and offering. Cynamics teams up with best-in-class partners, offering unhindered network visibility and threat prediction to manage their client's environment. Cynamics unique sample-based approach accompanied with patent-pending and academically acknowledged AI technology allows our partners to predict and detect risk in seconds, responding faster and giving customers the security and granularity, they deserve. "We are grateful for our partnership with Cynamics, as it allows us to offer robust and innovative network visibility to our clients, increasing their overall security posture," said Peter Baur, IT Manager of Metro-INET. "With the rise in cyber threats on municipalities, we were looking for a provider to reduce and mitigate risk. Cynamics makes a big difference in how our customers can protect their networks effectively and gives us a comprehensive view across the entire landscape. Cynamics intuitive dashboard, access to cyber analysts 24/7 and unparalleled level of support have been a key differentiator for us as we focus on connecting our customers to solutions that enable them to operate in a more secure and productive way," Said Baur. The new offering, modeled after the Cynamics Network Blueprint dashboard, lets managed service partners add their client accounts and rapidly connect them to Cynamics, view a summary of the recent activities from all of their clients, and drilling down to each threat detection root-cause analysis and to the respective client dashboard for further details. This dashboard can enhance MSSPs cybersecurity service offering to customers by leveraging Cynamics AI-driven technology and sample-based approach to provide 100% network visibility and threat prediction without requiring installation of an appliance or agent in the customer's network, no matter the network's size or environment. "The Cynamics MSSP offering was designed with our growing managed service customer-base in mind. Our goal was to deliver a dashboard that provides complete visibility across all client accounts in a central pane view that gives MSSPs more services to capture a greater opportunity amongst their customers" said Dr. Aviv Yehezkel, Co-Founder and CTO of Cynamics. "With Cynamics, our managed service partners reduce risk because of the lack of appliances and agents, as well as there are no permissions to the client's network, and no collecting or storing any sensitive or private client information at any time, therefore creating no additional attack surface", said Dr. Yehezkel. The Cynamics MSSP dashboard reduces the burden of managing, configuring and optimizing network security for clients with notoriously convoluted networks, differing environments and complex architectures. Cynamics solution uses proprietary AI and ML technology to enrich threat signals, patterns, and suspicious behaviors by detecting and classifying them in a generalized way which is agnostic to a specific network deployment. The solution autonomously and continuously is learning and improving with each additional deployment. The performance, capabilities and broad visibility offered by Cynamics gives MSSPs an edge in keeping their customers safe in the continuously evolving cybersecurity landscape. About Cynamics Cynamics is the only Next Generation (NG) Cloud Network Detection and Response (NDR) solution on the market today using standard sampling protocols built-in to every gateway, patented algorithms, as well as AI and Machine Learning, to provide threat prediction and visibility at speed and scale. Built to protect networks of all sizes and complexity, its highly scalable approach discovers threats missed by competitors and provides clients and partners with an elite defense against cyberattacks, with little-to-no burden on their resources.

Read More

Spotlight

The progression of technology these past several years, has also brought an increase in cyber attacks. This problem has developed into a serious national threat, creating a growing demand in the cyber security profession. This increase is expected to continue to grow in this decade making a degree or certificate in cybersecurity and information assurance a great opportunity for job seekers. The infographic below highlights the need for increased awareness in cybersecurity and information assurance in today’s society.

Resources