Cyber Criminals Exploit Google’s SMTP Relay Service To Land in Inboxes and Steal User Credentials
Avanan, A Check Point Company, has published its latest research report in which it describes how hackers strategically send out phishing emails using Google’s Simple Mail Transfer Protocol (SMTP) Relay service, a common service used to send out mass emails, while ensuring delivery.
Hackers manipulate this service by spoofing reputable brands, like Venmo and Trello, to send out thousands of emails that bypass security tools and land directly inside users’ inboxes. These emails contain a malicious link or a document that leads users to give up their credentials.
In this attack, hackers are taking advantage of a flaw in Google’s SMTP Relay service to send spoofed emails.
Hackers can utilize any Gmail tenant, from small companies to large, popular corporations.
Once spoofed, they can send out phishing emails that are more likely to get into the inbox, as it leverages the inherent trust of legitimate brands.
Once in the inbox, hackers hope that end-users will click on a malicious link or download a malicious document, to steal credentials.
The full report can be found here and there are some mitigation strategies in the report that you can use to protect yourself. I also have a video which I have embedded below that shows a demonstration of the attack.
This entry was posted on May 2, 2022 at 9:00 am and is filed under Commentary with tags Avanan. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Cyber Criminals Exploit Google’s SMTP Relay Service To Land in Inboxes and Steal User Credentials
Avanan, A Check Point Company, has published its latest research report in which it describes how hackers strategically send out phishing emails using Google’s Simple Mail Transfer Protocol (SMTP) Relay service, a common service used to send out mass emails, while ensuring delivery.
Hackers manipulate this service by spoofing reputable brands, like Venmo and Trello, to send out thousands of emails that bypass security tools and land directly inside users’ inboxes. These emails contain a malicious link or a document that leads users to give up their credentials.
In this attack, hackers are taking advantage of a flaw in Google’s SMTP Relay service to send spoofed emails.
Hackers can utilize any Gmail tenant, from small companies to large, popular corporations.
Once spoofed, they can send out phishing emails that are more likely to get into the inbox, as it leverages the inherent trust of legitimate brands.
Once in the inbox, hackers hope that end-users will click on a malicious link or download a malicious document, to steal credentials.
The full report can be found here and there are some mitigation strategies in the report that you can use to protect yourself. I also have a video which I have embedded below that shows a demonstration of the attack.
Share this:
Like this:
Related
This entry was posted on May 2, 2022 at 9:00 am and is filed under Commentary with tags Avanan. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.