Cybercriminals are increasingly exploiting well-known business platforms to conduct sophisticated phishing attacks that are difficult to detect. A new phishing technique, dubbed "Phishing Scams 3.0," involves malicious actors utilizing commonly used services like PayPal or Google Docs to disseminate malicious links and infiltrate unwary users and systems.
How does it work?
Cybercriminals create free accounts on platforms, such as PayPal, Google Docs, SharePoint, or FedEx, and send fraudulent invoices and documents embedded with malware to email addresses. The fraudulent invoices may create a sense of urgency by claiming an impending charge or renewal. If a company predominantly uses Google Docs or SharePoint, the attacker may use that service and reference a team member in a comment or share a document, triggering an automated email containing malicious content.
These emails appear trustworthy because the email addresses they are being sent from are legitimate, however the links have been compromised. According to ITOnline, there has been a total of 33,817 email attacks impersonating popular firms and services in the last two months. There is no hack or compromise at these companies - cybercriminals are creating accounts on there as any user can do, making these scams increasingly difficult to counter. In many instances, the links direct people to fake cryptocurrency sites, where credentials are stolen.
What can you do?
If you receive an unexpected request or an alert that someone has sent you money via Paypal, do not click on the email. Even if the email has an option to report the transaction, do not click on it. Instead, login to your account manually or contact the platform’s support team.
The same caution applies to unexpected documents shared on SharePoint or Google Docs. Avoid engaging with these emails to access your account and instead login manually or contact support. Double check with your team if this was a document that was anticipated. If it’s randomly sent, delete it or report it as phishing.
While you cannot control the actions of malicious actors, you can control the measures you take to increase your security. Adopting email security solutions enhance your business’ protection against these types of attacks and are a vital component of a comprehensive cybersecurity strategy. Implementing measures like blocking phishing emails and other threats can help minimize your organization's vulnerability to malware, account takeover, and data breaches.
Your last line of defense against these types of attacks are your users. All users are potential targets for malicious actors, and cybersecurity isn’t just something that your IT department needs to keep in mind anymore. Equip your users with a security awareness training program and conduct frequent simulated phishing tests. The more users apply their security knowledge in practice, the better they will be at identify genuine threats.
Get Peace of Mind With Entara
Entara offers complete, integrated IT and cybersecurity solutions tailored to your company’s unique needs and challenges. As an eXtended Service Provider, in addition to managed IT and cyber security services, our 24/7/365 incident response team works day, night, and holidays to help businesses recover from cyber-attacks and remediate their systems to avoid repeat events. We employ a range of security integrations, such as email security solutions, and technology services to better protect our clients’ systems, networks, and data. Connect with us to learn more about how we can support your organization.