Avanan, a Check Point company, warns of an evolution in phishing attacks using everyday services to send attacks, such as iCloud, PayPal, Google Docs and Fedex. Named “Phishing Scams 3.0”, the method requires no compromise or code, just a free account to infiltrate people’s inboxes.
- 33,817 email attacks observed in the past two months
- iCloud most impersonated service
- Other services leveraged include: PayPal, Google Docs, Sharepoint, Fedex, Intuit and more
Avanan, a Check Point Software company, warns of an evolution in phishing attacks that now leverage popular businesses and services to infiltrate people’s inboxes.
Named “Phishing Scams 3.0”, this method involves attackers using actual legitimate services to execute their attack. In such scams, the victim receives an email from a totally legitimate service, such as PayPal or Google Docs, that includes a link to a malicious site.
Cybercriminals have been impersonating PayPal, Google Docs, Sharepoint, Fedex, Intuit, iCloud and more.
How it Works:
1. Hacker creates a free account in Paypal (for example).
2. Hacker finds email addresses to send to.
3. Hacker creates a fake invoice that either says the user has been charged or something is about to renew.
4. Hacker clicks send.
By the Numbers
In the past two months of February and March, our researchers have seen a total of 33,817 email attacks, impersonating legitimate, popular firms and services.
Quote: Jeremy Fuchs, Spokesperson at Avanan, a Check Point company:
“Business email compromise (BEC) attacks have evolved again. A traditional BEC attack relies upon the ability to look like someone with power within a company or a trusted external partner. Later on, attacks shifted to a method in which the attacker compromises an account, belonging to an organization or one of his partner’s organization, and uses it to insert themselves into legitimate email threads, responding as if they were employees. Now, we’re seeing something entirely new, where attackers are using actual legitimate services to carry their attack. In such scams, the victim receives an email from a totally legitimate service (e.g. PayPal, Google Docs) which will include a link to a malicious site. In the past two months of February and March, our researchers have seen a total of 33,817 email attacks, impersonating legitimate, popular firms and services. We call these new style of cyberattacks ‘Phishing Scams 3.0’, or BEC Firm Impersonation. It is important to note that there is nothing malicious with these popular sites, nor is there a vulnerability. Instead, hackers are using these services’ legitimacy to gain entry into the inbox. I strongly urge folks to implement two-factor authentication and use email filters to protect themselves from these style of attacks.”
Cyber Safety Tips:
1. Use anti-phishing protections
2. Educate and train employees
3. Separate duties
4. Label external emails
Examples:
Here, the hacker has added a comment in Google Sheets. All the hacker has to do is create a free Google account. Then, they can create a Google sheet, and mention the intended target. The recipient gets an email notification.
To the end-user, this is a fairly typical email, especially if they use Google Workspace. (And even if they don’t, it’s typical, as many organizations use Google Workspace and Microsoft 365).
Here is another example, this time using Google Docs.
This comes from a legitimate sender–Google. The URL, which is a script.google.com URL, is also legitimate upon the first scan. That is because that domain is legitimate.
However, when you click on it, it gets redirected to a fake cryptocurrency site. These fake cryptocurrency sites work in a few ways. They can be straight phishing sites, where credentials will be stolen. Or there is a variety of other options, whether it is straight theft or crypto mining.
In all examples recorded, the email address from which the email was sent looked perfectly legitimate and contained the “correct” addresses, which makes detection and identification much harder for the average user receiving them.
As an Amazon Associate, TechCity may earn a small commission if you shop these products.
Simple Modern 40 oz Tumbler with Handle and Straw Lid | Insulated Cup Reusable Stainless Steel Water Bottle Travel Mug Cupholder Friendly | Gifts for Women Men Him Her | Trek Collection | Almond Birch
$29.99 (as of April 24, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Stanley Quencher H2.0 FlowState Stainless Steel Vacuum Insulated Tumbler with Lid and Straw for Water, Iced Tea or Coffee
$35.00 (as of April 24, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Monster Energy Zero Ultra, Sugar Free Energy Drink, 16 Fl oz (Pack of 15)
$23.85 (as of April 24, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Huggies Size 1 Diapers, Little Snugglers Diapers, Size 1 (8-14 lbs), 198 Ct (6 packs of 33), Newborn
$53.47 (as of April 24, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Apple AirPods Pro (2nd Generation) Wireless Ear Buds with USB-C Charging, Up to 2X More Active Noise Cancelling Bluetooth Headphones, Transparency Mode, Adaptive Audio, Personalized Spatial Audio
$229.00 (as of April 24, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Charger for MacBook Air MacBook Pro 13 14 15 16 inch 2024 2023 2022 2021 2020, M1 M2 M3 Laptop 70W USB C Power Adapter, iPad, LED, 6.6FT USB-C Cable Charging as Fast as MagSafe 3, Original Quality
$27.99 (as of April 23, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
All-new Amazon Fire HD 10 tablet, built for relaxation, 10.1" vibrant Full HD screen, octa-core processor, 3 GB RAM, latest model (2023 release), 32 GB, Black
$139.99 (as of April 23, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Acer Aspire 3 A315-24P-R7VH Slim Laptop | 15.6" Full HD IPS Display | AMD Ryzen 3 7320U Quad-Core Processor | AMD Radeon Graphics | 8GB LPDDR5 | 128GB NVMe SSD | Wi-Fi 6 | Windows 11 Home in S Mode
$299.99 (as of April 23, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Amazon Fire HD 8 Kids Pro | age 6-12 | Unleash creativity with included age-appropriate Amazon Kids+ content , robust parental controls, 13-hr battery | 32 GB, Hello Teal
$149.99 (as of April 23, 2024 07:25 GMT +01:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
