However, the email shows Microsoft branding, and looks to be trying to mimic Microsoft’s file sharing service OneDrive and SharePoint. We would assume if the scam is in relation to tricking users into believing an important file has been shared with them, which this scam is, they would use Google Drive (a free feature of GSuite) branding and logos to add authenticity to the scam. The scammer will then either attempt to use those credentials for identity theft purposes, or sell them on to other cybercriminals via the dark web.īack to the design of the email, the very first mistake we’ve identified is one easily overlooked - the fact that the scammers seem to be targeting companies who use GSuite. #Check avast webshield log passwordUnbeknownst to the victim, their login attempt doesn’t provide access to the service, instead it secretly sends their email address and password credentials directly to the scammer. They then use a delivery method, such as sending an email or a mobile notification, encouraging a victim to login to their account for a perceived urgent reason - however the link provided to login, isn’t to the official service website, instead opens the phishing scammers phony website. We define phishing as when a scammer or cybercriminal develops a website to appear to be a login to a large online service, such as a file storage, email inbox or online bank. At TotalAV we thought it may be valuable to share some of the clangers the phishing scammers have made in terms of design of their scam, which perhaps will help you identify further phishing scams in future.Ībove is a screenshot of the phishing email. It stands out as a particularly bad attempt at phishing, and is being picked up by SPAM and junk filters. The TotalAV WebShield labs team and our graphic designers have collaborated on dissecting a newly seen phishing attempt email that has been circulating to companies who utilise GMail and Google Suite to power their email inboxes.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |