Remote workers have been targeted by up to 65,000 Google-brand impersonation attacks, according to the most recent ‘Threat Spotlight’ report from Barracuda Networks. This type of spear phishing scam uses branded sites to trick victims into sharing login credentials.
Of the nearly 100,000 form-based attacks Barracuda detected between January 1, 2020, and April 30, 2020, Google file sharing and storage websites were used in 65 per cent of attacks. This includes storage.googleapis.com (25 per cent), docs.google.com (23 per cent), storage.cloud.google.com (13 per cent), and drive.google.com (4 per cent).
Many attackers know that if they want to attack someone specific, it’s more likely to succeed if their initial attacks lands in a target’s email box late at night or early in the morning when they’re not as focused, and when the attacker can most convincingly pretend to be someone else.
One of the more popular ways currently to get to a CEO or executive is to target executive assistants with an email praising their work performance and diligence, and offering a link to an Amazon gift card or similar faux incentive. Once they click that link, it’s game over. The attacker got entry into their inbox to send a malicious email directly to the CEO or executive and can collect sensitive data to share publicly or blackmail.
Even the most sophisticated security pros, and all employees, need to adopt a few rules. Some are widely known such as always to check the context of an email, but less widely understood is guidance to never, never to check emails early in the morning, before a morning wake up routine such as a cup of coffee or tea. Similarly, never check and respond to emails in the evening if they’re not focused or have had a cocktail. At either time, it’s too easy to click through what appears to be an off-hours email from a colleague or manager’s personal email address, but is in fact an attack entry point.
Brand-impersonation spear phishing attacks have always been a popular and successful method of harvesting a user’s login credentials, and with more people than ever working from home, it’s no surprise that cyber criminals are taking the opportunity to flood people’s inboxes with these scams. The sophistication of these attacks has accelerated in recent times: now, hackers can even create an online phishing form or page using the guise of legitimate services, such as forms.office.com, to trick unsuspecting users.
Fortunately, there are ways to protect oneself against these cyber, such as implementing multi-factor authentication steps on all log-in pages so that hackers will require more than just a password to gain access to your data. Other, more sophisticated methods of cyber protection include using email security software, such as API based inbox defence, which uses artificial intelligence to detect and block attacks.