Light Dark
February 25, 2020 By Shane Schick 2 min read

Phishing campaigns aimed at stealing Microsoft user credentials are using Google Forms to dupe potential victims, security researchers warn.

Cybercriminals managed to increase their odds of success by breaking into a legitimate website to host and send bogus email messages, according to a report from Cofense.

The phishing messages masquerade as important alerts from the company’s IT department asking recipients to update their Office 365 suite of applications or face having their account suspended. Clicking on an “Update Now” button in Google Forms after entering their username and password sends the victim’s credentials to the attackers.

Take a Closer Look

The external Google webpage provides an authentic SSL certificate, researchers explained, which makes it even more likely that users will be fooled into complying with the phishing email’s request.

If they take the time to look more carefully, however, Office 365 users might notice some aberrations in the phony Microsoft login page. Some of the tell-tale signs include the use of asterisks rather than letters and capitalizing more than half of the letters on the page. Unlike a legitimate login page where passwords would be obscured, the credentials appear in plain text as a victim types them in. This happens even before they click the “Update Now” button on the form.

Researchers suggested the technique has been used in multiple phishing campaigns, most of which have been discovered over the past several weeks. Google is not alone in having its technology harnessed for nefarious purposes. Just last month researchers uncovered a phishing technique that made use of Microsoft’s Sway application.

Don’t Fall for Fraudulent Google Forms

Unfortunately, most organizations don’t think through how they would react to a successful phishing attempt, which is why simulation exercises can be helpful. Sometimes attackers will still be successful, so ensure remediation measures for phishing attacks are woven into an incident response plan that involves all departments from human resources to IT.

 |  |  |  |  |  |  |  |  |  | 
Shane Schick
Writer & Editor

More from

December 18, 2024

Cloud Threat Landscape Report: AI-generated attacks low for the cloud

2 min read - For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing…

December 17, 2024

Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models

4 min read - With generative artificial intelligence (gen AI) on the frontlines of information security, red teams play an essential role in identifying vulnerabilities that others can overlook.With the average cost of a data breach reaching an all-time high of $4.88 million in 2024, businesses need to know exactly where their vulnerabilities lie. Given the remarkable pace at which they’re adopting gen AI, there’s a good chance that some of those vulnerabilities lie in AI models themselves — or the data used to…

December 16, 2024

FBI, CISA issue warning for cross Apple-Android texting

3 min read - CISA and the FBI recently released a joint statement that the People's Republic of China (PRC) is targeting commercial telecommunications infrastructure as part of a significant cyber espionage campaign. As a result, the agencies released a joint guide, Enhanced Visibility and Hardening Guidance for Communications Infrastructure, with best practices organizations and agencies should adopt to protect against this espionage threat. According to the statement, PRC-affiliated actors compromised networks at multiple telecommunication companies. They stole customer call records data as well…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature