More people than ever are now storing documents in the cloud, so cyber criminals are now targeting these services to nab people’s credentials, according to security specialists Proofpoint.
The most common email-related threat Proofpoint detects are phishing scams to steal information from Google Apps, which are particularly vulnerable to this type of campaign. This is especially bad news for businesses that tend to use Google Apps internally on a regular basis.
On its blog, Proofpoint showed a recent scam where the criminals had created a perfect replica of a Google docs shared document landing page. The only noticeable difference between the real and fake was that the latter had been delivered via http instead of https. Once the user clicks the ‘download your file’ button, they are taken to a Google login page. If the victim fails to notice the lack of https and enters their details, the scammers have their information.
Although most phishing scams stop trying to deceive people once they have obtained these personal details, this one goes on to display the actual document. This means the victim won’t necessarily realise straight away that they have been scammed, giving the criminals more time to use this confidential information, or eke out even more personal details.
Proofpoint also found that a similar scam had been created for Dropbox. Again, the victim was emailed a fake document to trick them into attempting to log in to their account. However, with this there was nothing to indicate the login page wasn’t genuine. A campaign like this was used to target businesses in the advertising and hospitality sector. After it proved successful, the scammers continued on to exploit firms in the financial sector.
Proofpoint believes that this type of cyber crime will grow in popularity, because hacking email accounts allows the attackers to create more targeted and lucrative campaigns. Scammers need to stay ahead of defences, and this is one way they can do just that.