Remote workers are being “bombarded” with Google-branded spear phishing attacks. This is according to a new report from Barracuda Networks, which claims that in the first four months of the year, almost two thirds of spear phishing attacks that impersonated big name brands were Google-themed.
The company analysed almost 100,000 form-based attacks between January 1 and April 30, and found that 65,000 of them used the Google brand, mostly storage.googleapis.com and docs.google.com.
The second most commonly used brand was Microsoft, but which accounted for only 13 percent of the attacks, mostly in connection with One Drive and Sway.
For Steve Peake, UK Systems Engineer Manager at Barracuda Networks, the main challenge for employees is to spot the difference between legitimate and fake communications.
“Now, hackers can even create an online phishing form or page using the guise of legitimate services, such as forms.office.com, to trick unsuspecting users,” he said.
“Fortunately, there are ways to protect oneself against these cyber, such as implementing multi-factor authentication steps on all log-in pages so that hackers will require more than just a password to gain access to your data. Other, more sophisticated methods of cyber protection include using email security software, such as API based inbox defense, which uses artificial intelligence to detect and block attacks," he added.