Threat actors are playing peek-a-boo by abusing Google Docs and Drive functionalities in a new phishing campaign. An email containing a link to Google Docs, which is actually a customized HTML page, has been found redirecting victims to a phishing website that steals their credentials. In another instance of malicious redirects, cybercriminals are now maligning the plugins on compromised websites to redirect visitors and website owners to malicious sites.
Top Breaches Reported in the Last 24 Hours
Eggfree Cake Box affected
Eggfree Cake Box suffered a data breach that resulted in the compromise of the personal and payment data of users. The firm disclosed that its website was hacked in 2020 to include malicious scripts that stole information. Based on the description, it is believed to be a Magecart attack.
Update on Audi data hack
Data stolen from Audi and Volkswagen have been put on sale on a hacking forum. The data was stolen from an exposed Azure Blob container and included contact information of users.
Update on EA hack
A new update on the recent Electronics Art (EA) hack reveals that hackers purchased a cookie for $10 from Genesis dark marketplace which allowed them to log into an EA Slack account. This tricked EA’s IT support team into granting access to the company’s internal network.
Carnival Corporation breached
Carnival Corporation has confirmed a new data breach that allowed hackers to hack into email accounts and gain access to data of its customers and employees. The breach was first detected on March 19. The data accessed includes names, addresses, phone numbers, passport numbers, and health information of users.
Top Malware Reported in the Last 24 Hours
Attackers abused the plugin upload functionality in the wp-admin dashboards of compromised WordPress sites to redirect visitors and website owners to malicious sites. The attack makes use of Punycode to hide the malicious payloads.
Top Vulnerabilities Reported in the Last 24 Hours
Google releases another patch
Top Scams Reported in the Last 24 Hours
Fake giveaway scam
Scammers are misusing the name of international shipping company UPS to dupe consumers in a fake giveaway scam. The scam guarantees recipients a Sony PlayStation 5 gaming console in return for completing the online survey on behalf of UPS. The message reads as if recipients are among the lucky winners. The ultimate goal of the scam is to harvest credit card details from users.
An email campaign that asks victims to call a bogus phone number to suspend fraudulent subscriptions has managed to hit 25,000 mailboxes. The email bypasses native Microsoft email security controls and email security engines like Exchange Online Protection (EOP) to land in corporate inboxes.
Phishing through Google Docs
Threat actors are exploiting Google Docs and Drive to deliver phishing sites to victims. It all starts with a phishing email that includes a link to a Google Docs page, which is actually a custom-made HTML page. Once the victims click on the link, they are redirected to the phishing website where their credentials are then stolen.
WeTransfer applications imitated
A phishing campaign that imitates the legitimate WeTransfer file transfer application is being used to lure users into sharing their credentials. Mimicking the app enables scammers to bypass email security gateways.