"Researchers have uncovered a campaign that abuses Google's AppSheet to send phishing emails that appear legitimate and slip through standard authentication protocols. This allows the messages to bypass scam alerts and land directly in the targets' inboxes."
"The campaign indicates a growing shift in how phishing attacks are conducted. Attackers now rely on trusted platforms instead of imitating them, increasing their success rates while lowering suspicion from both users and security systems."
"Security researcher Shaked Chen calls this approach a 'phishing relay,' where trusted systems act as user-facing intermediaries for malicious campaigns, enhancing the effectiveness of the attacks."
"While its functionality is designed for business efficiency, an unintended consequence is that it creates a delivery channel that, when exploited for malicious purposes, becomes highly dangerous."
Cybercriminals have leveraged Google's AppSheet to conduct a phishing campaign that has compromised 30,000 Facebook business accounts across 50 countries. By impersonating Meta support, they send urgent messages about account issues, directing victims to fake pages. This method allows phishing emails to bypass standard security protocols, increasing their effectiveness. The campaign is linked to a Vietnam-based operator and represents a shift in phishing tactics, utilizing trusted platforms to enhance success rates and reduce user suspicion.
Read at TechRepublic
Unable to calculate read time
Collection
[
|
...
]