Over 10 million people use the Google Looker family of products – but unfortunately they are increasingly being used for illicit purposes. New research from Check Point found that cyber criminals are using Google Looker Studio, Google Docs and Google Slide for advanced phishing attacks.
Here’s how it works
- Cybercriminal creates a Google Looker Studio page
- Cybercriminal uses Google to send a real notification to the targeted victim, asking them to review or comment. Since the notification comes from the legitimate Google account, it’s not caught by security filters
- Victim clicks through to look at the page, which looks legitimate
- Embedded within the Google Looker page is a link that redirects the victim to an external page designed to steal their login credentials and crypto-related information
According to Jeremy Fuchs, Cybersecurity Researcher at Check Point Software Technologies:
“Cyber criminals are taking advantage of Google’s business tools to help them steal login credentials and crypto accounts. Recently we’ve seen a dramatic rise in the use of Google Looker Studio for phishing attempts. This is concerning because it is difficult to detect for both security services and end users.”
You can read this attack brief here.
Like this:
Like Loading...
Related
This entry was posted on September 7, 2023 at 9:00 am and is filed under Commentary with tags Check Point. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Phishing via Google Looker Studio Uncovered By Check Point
Over 10 million people use the Google Looker family of products – but unfortunately they are increasingly being used for illicit purposes. New research from Check Point found that cyber criminals are using Google Looker Studio, Google Docs and Google Slide for advanced phishing attacks.
Here’s how it works
According to Jeremy Fuchs, Cybersecurity Researcher at Check Point Software Technologies:
“Cyber criminals are taking advantage of Google’s business tools to help them steal login credentials and crypto accounts. Recently we’ve seen a dramatic rise in the use of Google Looker Studio for phishing attempts. This is concerning because it is difficult to detect for both security services and end users.”
You can read this attack brief here.
Share this:
Like this:
Related
This entry was posted on September 7, 2023 at 9:00 am and is filed under Commentary with tags Check Point. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.