UPDATE: A major phishing campaign is currently targeting 3,200 businesses, primarily in the United States, with attackers exploiting legitimate Google services. Cybersecurity researchers from Check Point have reported that nearly 10,000 phishing emails have been sent in just two weeks, posing significant risks to companies in the manufacturing, technology, and finance sectors.
The emails, which appear to come from the address [email protected], utilize Google Cloud Application Integration to lend them credibility. This service enables organizations to automate workflows between cloud applications without custom coding, creating a false sense of security for recipients.
These phishing messages closely mimic Google’s notification style, often featuring lures like pending voicemail messages or shared documents. Victims are directed to storage.google.cloud.com, a trusted Google domain, which then redirects to googleusercontent.com. Here, victims are confronted with a fake CAPTCHA designed to evade security scanners before being led to a counterfeit Microsoft login page, where their credentials may be stolen.
Victims are predominantly located in the United States, with 48.6% of targets from the U.S. The breakdown of industries affected includes 19.6% in manufacturing, 18.9% in technology/SaaS, and 14.8% in finance, banking, and insurance.
Google has responded, confirming that “several phishing campaigns” leveraging Google Cloud Application Integration have been blocked. In a statement, the company emphasized that this fraudulent activity arises from the misuse of a workflow automation tool, not a breach of its infrastructure. Google reassured users that it has implemented protections against this specific attack and is taking further steps to prevent future misuse.
As phishing attacks increasingly exploit trusted brands, experts urge all users to remain vigilant. With the rise of sophisticated tactics, including the use of automation tools that replicate legitimate services, individuals and organizations must exercise caution and scrutinize any unexpected communications.
This developing situation highlights the urgent need for enhanced security measures and awareness. Stay informed and protect your information to avoid falling victim to these coordinated attacks.
For the latest updates, follow TechRadar on Google News and stay ahead of emerging threats in the cybersecurity landscape. Share this news with your network to raise awareness and help others stay safe.
