Beware - that Google email may be a phishing scam

New phishing attack targets remote workers using Google and Microsoft branding

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The change in the working environment due to coronavirus lockdown is not the only issue remote workers are worried about, according to a report that suggests hackers are targeting remote workers in an attempt to steal their personal information.

Researchers from Barracuda Networks uncovered a highly targeted campaign mounting form-based phishing attacks impersonatingGoogleandMicrosoftbranded domains.

According to thereport, out of 100,000 such form-based attacks, hackers used Google file sharing and storage websites like drive.google.com, storage.googleapis.com and docs.google.com in 65 percent of cases.

Meanwhile, Microsoft-related domains such as onedrive.live.com, sway.office.com and forms.office.com were used in almost 13 percent of attacks, with other prominent sites including Sendgrid, Mailchimp and Formcrafts also used.

Spear-phishing attacks

Steve Peake, a systems engineer manager at Barracuda Networks, said, “Brand-impersonation spear-phishing attacks have always been a popular and successful method of harvesting a user’s login credentials, and with more people than ever working from home, it’s no surprise that cybercriminals are taking the opportunity to flood people’s inboxes with these scams.”

Highlighting the modus operandi of the cybercriminals, Peake added, “The sophistication of these attacks has accelerated in recent times: now, hackers can even create an online phishing form or page using the guise of legitimate services, such as forms.office.com, to trick unsuspecting users.”

The report reveals that while Google-branded form attacks account for four percent of spear-phishing incidents recorded in the first four months of this year, experts fear that the numbers are bound to increase.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

While these attacks are yet to be controlled, experts suggest that professionals should take additional steps to protect accounts like multi-factor authentication and email security software.

Jitendra has been working in the Internet Industry for the last 7 years now and has written about a wide range of topics including gadgets, smartphones, reviews, games, software, apps, deep tech, AI, and consumer electronics.

Nokia confirms data breach leaked third-party code, but its data is safe

Rising AI threats are making firms turn back to human intelligence

Black Friday is here: Sony XM5 over-ears drop to their lowest-seen price – act fast!