Senior security advisor at Sophos Chester Wisniewski reported the scam in a blog post, confirming that the message attempts to dupe users into clicking a suspect link by pretending to be a "Secure Document" from their bank.
Wisniewski said the attack is basic in principle, but it is dangerous as the message has been cleverly socially engineered to look like it is authentic and uses an atypical infection method.
"While those of us in the security industry might not be surprised, phishing attacks are consistently proving themselves to be one of the most effective ways to evade traditional defences. As many organisations move to the Google cloud, this type of phishing lure will continue to yield results for the criminals," he said.
"Many organisations are using Google and other cloud service providers to provide critical IT services. At first glance this could be very believable."
The attack reportedly links the victim to a phishing page hosted in Thailand, which attempts to dupe them into entering their password information for a variety of online services.
"The page not only asks for your Google credentials, it also suggests it will accept Yahoo, Outlook.com, Hotmail, AOL, Comcast, Verizon, 163.com or any other email account. Of course filling out this form can only end in tears. Your details are sent off to the compromised servers for whatever purposes these thieves desire," he wrote.
Wisniewski said the password theft is likely to be the first stage in a wider attempt to steal more information, such as the web user's banking login details.
"You might think, so what, my Gmail isn't full of secrets that will destroy my nation/life/career. You would likely be wrong. Your email is the key to unlocking much of your online identity. Forget your banking password? No worries, they will email you a password reset link," he wrote.
He added that the high success rate of phishing means attacks like this will continue until businesses work harder to educate their staff about cyber best practice.
"As an IT administrator these are opportunities to educate your staff on the risks. This might not be the most convincing of the phishes that are out there, but it is a useful tool to educate your staff," he wrote.
Phishing is a growing problem facing businesses. Kaspersky Lab reported that the number of phishing messages hitting UK web users has tripled over the last year, with crooks targeting an average of 3,000 Brits every day.
The UK government has set up a number of resources to help businesses protect themselves against the influx of attacks. Most recently The GCHQ launched two cyber incident response and advice initiatives, designed to help businesses prepare for and mitigate the damage of cyber attacks.
No comments:
Post a Comment