UPDATE: A new phishing campaign has just been confirmed, targeting approximately 3,200 businesses across the United States, utilizing legitimate Google services to deceive victims. Cybersecurity researchers from Check Point report that nearly 10,000 phishing emails were dispatched from the email account [email protected], exploiting Google Cloud Application Integration.
This attack is particularly alarming as it exploits the trusted reputation of Google, fooling recipients into clicking malicious links that lead to credential theft. The campaign has heavily impacted businesses in the manufacturing, technology, and finance sectors, with almost 48.6% of victims located in the U.S.
The emails mimic official Google notifications—such as pending voicemails or shared documents—making them appear legitimate. Once clicked, victims are directed to seemingly safe links on storage.google.cloud.com that then redirect to a fake Microsoft login page, where they are prompted to enter their credentials after completing a deceptive CAPTCHA.
According to Google, “several phishing campaigns” utilizing this method have already been blocked. The company clarified that this is not a breach of its infrastructure but rather an abuse of its workflow automation tool. Google has implemented additional protections to safeguard users against these specific attacks, urging caution as malicious actors continue to spoof trusted brands.
As this situation develops, cybersecurity experts recommend that individuals and organizations remain vigilant. Monitor communications closely and verify unexpected messages, especially those that appear to originate from trusted services like Google.
This alarming trend highlights the growing sophistication of phishing attacks and the urgent need for heightened security awareness among businesses and individuals alike. Stay tuned for further updates as this story unfolds.
