Hackers Impersonate Google-Branded Sites to Steal User Credentials

If a recent report from Barracuda Networks is to be believed then in the past four months alone, hackers have targeted more than 65000 remote works via Google-branded cyber attacks.

The pandemic may have wreaked economies and health care systems around the world but that has not stopped independent hacker groups from targeting online users and stealing their personal information.

The Barracuda report discovered that out of the 100,000 form-based cyber attacks that hackers carried out during the first quarter of 2020, around 65 percent made use of Google storage and file-sharing websites to trick users into giving up their credentials and other sensitive information.

hackers image 1

Moreover, when the security firm did a deep analysis of these attacks, they found that hackers used trusted Google-provided online services such as storage.cloud.google.com, docs.google.com, and storage.googleapis.com amongst others to try and deceive online users into mistaking them for the real services and sharing their sensitive information.

Barracuda researchers also found out that hackers use Google-branded cyber attacks way more than Microsoft-branded cyber-attacks where they used services such as forms.office.com along with sway.office.com and onedrive.live.com.

Microsoft-branded attacks only made up 13 percent of the total form-based attacks that different hackers groups launched in the first four months of 2020.

Hackers and other cybercriminals also used other sites to launch cyberattacks such as sendgrid.net (which made up 10 percent of all attacks during the same period), formcrafts.com (which made up 2 percent of all attacks) and mailchimp.com (which made up 4 percent of all attacks).

Not only did hackers use Google services the most, but researchers at Barracuda also found that hackers were actually increasing the number of attacks they launched via Google-branded services.

hacker image 2

In addition to that, Barracuda Networks noted that impersonation cyber attacks carried via Google-branded services made up a whopping 4 percent of all cyberattacks launched via techniques such as spear-phishing.

But that statistic is only relevant to the first four months of this year. Barracuda researchers said that the community should expect these figures to rise further since hackers had noticed the higher success rate of using these attacks to harvest user login credentials via Google-based services.

The UK systems engineer manager at Barracuda Networks, Steve Peake, recently said that hackers had always found methods such as brand-impersonation to launch spear-phishing cyber attacks to be very effective. Hence such methods had gained great popularity in the hacking community.

Furthermore, he said, because of the pandemic more and more people had started to work from home.

Hackers obviously took note of that and unsurprisingly took full advantage of the opportunity to send a deluge of spam messages into the inboxes of such remote workers.

Moreover, cybercriminals have accelerated the rate at which they increase the sophistication of such attacks. For example, hackers now have the ability to develop an online page or a phishing form on their own all under the guise of a genuine and trusted online service such as Microsoft’s forms.office.com in order to victimize unsuspecting online remote workers.

As mentioned before as well, because of the Covid-19 pandemic, a vast number of workers have started to work from home to not only protect themselves but also others. This has resulted in hackers increasing the number of phishing attacks for the past couple of months.

Another reason why hackers have been able to launch so many successful phishing attacks is that regular security maintenance procedures along with best practices have become difficult to carry out and stick to in these uncertain times.

This is important:

The report from Barracuda Network did mention a couple of methods via which users could protect their computers and organizations their networks.

First, Barracuda Networks recommends that all online remote workers should take advantage of advanced security features like email security apps and multi-factor authentication.

Of course, users who want more privacy and security can go beyond that. And the best way to protect data and hide one’s activities on the internet is with the use of a VPN service. NordVPN is consistently offering massive discounts on most of its packages. Click here for a full NordVPN review.

In addition to the use of a VPN though, users can make use of solutions that leverage the power of artificial intelligence in order to detect and then block many different and novel kinds of cyber attacks.

Machine learning technologies enable security products to study standard user communication patterns and then use that knowledge to spot any kind of anomalies which may lead to a new cyber attack.

Security products that make use of such new technologies in addition to traditional ones like checking attachments and malicious links are able to provide better and more comprehensive security to customers.

There are now other advanced methods available that help users identify all kinds of account takeover attempts and suspicious activities. Usually, these methods look at things such as unusual login times and unusual locations. Sometimes they also record IP addresses that a user may use to sign in into a given account.

Lastly, online remote workers need to educate themselves more about how form-based attacks along with others take place. This is where organizations need to spend resources on the security-awareness training of their employees. This will help ensure workers are able to recognize impending attacks.

Leave a Reply

Readers Offer: Get 70% Off NordVPNCheck It Out