Threat Spotlight: Form-based attacks
A new type of brand impersonation attack is disproportionately using Google-branded sites to trick victims into sharing login credentials. Making up 4 percent of all spear phishing attacks in the first four months of 2020, Barracuda researchers have seen steady detections through the first part of the year. Researchers expect to see that number climb as cybercriminals have success harvesting credentials with these attacks.
Form-based attacks — In this type of brand impersonation attack, scammers leverage file, content-sharing, or other productivity sites like docs.google.com or sway.office.com to convince victims to hand over their credentials. The phishing email will usually contain a link to one of these legitimate websites making this highly specialized attack difficult to detect. Plus, one particularly tricky variant steals account access without stealing credentials.
Posted on June 3, 2020