Hackers are successfully mounting criminal campaigns by exploiting tools found in Google Workplace products, security experts warn…
Cybercriminals are now actively exploiting Google Workplace tools to rip off users. More particularly, hackers are deploying phishing campaigns. This, after Google bundled a number of its digital products back in October, including Gmail, Google Docs, and Google Meet. That proved to be a prime opportunity for threat actors to abuse the services in at least a few ways.
Hackers Exploiting Google Workplace
Security firm Armorblox claims in a report that the free, open system provided by Google is providing plenty of opportunities for cybercriminals. As a result, scammers are able to defraud organizations, steal user credentials, and install malware. Arjun Sambamoorthy, the Cofounder and Head of Engineering at Armorblox explains:
“The Armorblox threat research team has seen a sharp uptick in attackers using Google services to help them get emails past binary security filters based on keywords or URLs.
(W)e will outline five targeted phishing campaigns that weaponize various Google services during their attack flow. These attacks are representative but in no way exhaustive – they are the tip of a deep iceberg. If successful, these email attacks using Google services could have potentially impacted tens of thousands of mailboxes within Armorblox customer environments alone.”