- Hackers host fake invoices on Google Apps Script, experts warn
- The invoices are sent via email
- Victims are redirected to a fake Microsoft 365 login page
Threat actors have been seen abusing Google Apps Script to launch convincing phishing attacks and steal people's Microsoft 365 login details.
Cybersecurity researchers at Cofense recently saw such a campaign, in which Google Apps Script was used to host a fake invoice.
First, the crooks would prepare the usual fake-invoice phishing email. That email would carry a link to the invoice that, when hovered over (or clicked), would point to script[.]google[.]com. In this way, the criminals would create a false sense of legitimacy with the victims, who would think that the invoice actually came from Google or a Google-affiliated service.
M365 credentials
If you click on the link, a small landing page opens with the text “You have one awaiting download available” and a “preview” button.
The button leads to the actual malicious page, which imitates the Microsoft 365 login page almost to the last detail. Those who do not spot the trick and try to log in ultimately hand their login details to the attackers.
To better hide their tracks, the crooks have set the page to redirect to the actual Microsoft 365 site as soon as the login details have been submitted.
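The email stage described above gives defenders something to triage on: an invoice-themed message whose link really resolves to script[.]google[.]com. The following sketch is an added example, not code from Cofense or from the original article; the function names, the `invoice` keyword and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

APPS_SCRIPT_HOST = "script.google.com"      # domain named in the article
LURE = re.compile(r"\binvoice\b", re.I)     # assumed lure keyword; tune per mail flow

class _Hrefs(HTMLParser):
    """Collect href values from <a> tags."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def link_host(href):
    """Return the lowercased host a link really points to, or '' if unparsable."""
    url = href.strip().replace("[.]", ".")  # undo defanging before parsing
    try:
        return (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:
        return ""

def triage(raw_message):
    """Flag invoice-themed HTML mail that links to the Apps Script host."""
    msg = message_from_string(raw_message, policy=policy.default)
    body = msg.get_body(preferencelist=("html",))
    html = body.get_content() if body is not None else ""
    parser = _Hrefs()
    parser.feed(html)
    # Exact host match: look-alikes such as script.google.com.evil.example fail.
    hits = [h for h in parser.hrefs if link_host(h) == APPS_SCRIPT_HOST]
    lure = bool(LURE.search(msg.get("Subject", "") + " " + html))
    return {"lure": lure, "links": hits, "flag": lure and bool(hits)}

# Constructed sample message (not from the campaign); the path is a placeholder.
SAMPLE = (
    "From: billing@vendor.example\n"
    "To: user@corp.example\n"
    "Subject: Invoice 0042 awaiting payment\n"
    "MIME-Version: 1.0\n"
    'Content-Type: text/html; charset="utf-8"\n'
    "\n"
    '<p>Invoice ready: <a href="https://script.google.com/PLACEHOLDER">View</a></p>\n'
)

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Apps Script links also appear in legitimate mail, so a hit is a signal for review or link rewriting rather than a verdict on its own.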
Google Apps Script is a cloud-based scripting platform with which users can automate tasks and extend Google Workspace apps such as Gmail, Docs, Sheets and Drive with the help of JavaScript.
For example, a teacher can have a Google Sheets file with student grades and, by using Google Apps Script, automatically send personalized emails, saving hours of manual work.
“Phishing emails such as these are a good example of how attackers benefit from legitimate domains to make their scams seem more convincing,” warned Cofense’s researchers. “It is important to remain vigilant and to inform employees about the risk of phishing attacks.”