Remote worker are targeted by cyber criminals

Cybercriminals using the trusted brand names to exploit the Remote Worker for access to the login credentials. A few days back, the team observed that the attackers are using the web services and target the audience who are using Microsoft Outlook and Google Docs to harvest the data to do fraud or may plan for big campaigns.

What New happens 

According to the report, From January 1 to April 30, 2020. Google services like file sharing and storage websites and different brand names were around 65% (100,000) being attacked by form-based which makes 4% of all spearing-phishing attacks in the first four months of 2020.

1. Microsoft brands are also used for impersonation and the number of attacks is a total of 13% of attacks: 6% attacks for the onedrive.live.com, 4% for the sway.office.com, and 3% for forms.office.com.
2. The Google Service is also used for victimizing let see which services are:Storage.googleapis.com it is around 25%, docs.google.com it is around 13% and drive.google.com is around 4%
3. The other sites who are popular for some specific services like sendgrid.net are around 10%, mailchimp.com is around 4% and formcrafts.com is around 2% that is also used for impersonation attacks.     

Some other brands

In Between, hackers are using a variety of phishing campaigns to take advantage of the COVID-19 to infect through malware and steal credentials, scams Remote Worker, steal money from the organizations. Till May 2020, the attacker launched different phishing campaigns and many of the users get victimized by them through the brand name.

1. The cyber attacker also victimized LogMeIn by sending fake emails and directed users to a phishing site to compromise LogMeIn account login credentials.
2. The attackers also used Azure AD and Microsoft 365 sign-in pages to launch phishing attacks. The attackers a lot more convincing tactics used by the Cyber attackers
3. The Magellan Health employees are also attacked by the cyber attackers and the client’s data is stolen through malware which included credentials and userid.
4. The Zoom Phishing campaigns are the latest one which mimicked the meeting notifications from the zoom and stole the Microsoft credentials.
5. The Microsoft Teams notifications were also victimized by the cyber attackers and send automated notifications to steal the credentials of the relevant accounts.

How to be safe online

After finding all the problems one thing always remembers that never ever visits the insecure website and please check the URL for the basic protection. Don’t respond to any mail immediately and don’t touch the mail link without any familiar.