Phishers Targeting Cloud Docs
By impersonating collaborative platforms such as Google Docs and Outlook, phishers are threatening businesses in the digital space. According to Asaf Cidon, VP of Email Security at Barracuda Networks, Inc., phishing attacks using cloud docs represents the biggest email security threat of 2018 whereby login credentials are stolen to commit cybercrime such as spear phishing and fraud. Fraudulent wire transfers amount to an average of $125,000 as per the FBI 2017 BEC report.
The links used for phishing attacks do not appear on blacklists and are often personalized utilizing a recipient's details such as name. Some links evade suspicion by making use of a fake sign-in page within legitimate small business websites. An employee's credentials once stolen can be utilized to initiate hundreds of additional phishing attacks burdening the IT staff with tasks of multiple account deletion and password resetting. Even link protection solutions such as "safe links" do not protect from these attacks. Companies like Microsoft and Google cannot stop emails that impersonate Microsoft and Google, respectively.
Considering the grave threat posed by phishing today, latest email security technology coupled with regular security training within a comprehensive risk prevention approach is recommended for organizations as an effective shield against phishing attacks and other cyber crimes.