#Google Docs warning: Don’t open #Microsoft Office 365 update through Google ...

GOOGLE DOCS is being used in a sophisticated phishing operation also involving the Microsoft Office 365 update. Here is everything you need to know about Google Docs forms requesting Office 365 updates.

PUBLISHED: 19:59, Tue, Feb 25, 2020 | UPDATED: 20:18, Tue, Feb 25, 2020

The latest attempts at phishing involves using a fake and poorly executed Microsoft Office 365 credentials update form in the guise of Google Docs is taking place. A Cofense report reveals the phishing emails originated from a compromised automated mail account with privileged access to financial services provider CIM Finance.

Related articles
WhatsApp banned: Countries where WhatsApp is blocked MAPPED
Gmail sign up: How to create a Gmail account? Is Gmail the best ema...

By using CIM Finance’s website to host their phishing emails, the malicious players ensured their messages could pass necessary email protection checks together with DKIM and SPF.

Google Forms is used to create faux Microsoft login pages to harvest company consumer credentials

Cofense's Europe director Dave Mount

After creating a suspect email account with privileged access to CIM Finance, the hackers used the CIM Finance internet site to ship a flow of phishing emails.

This technique avoids the first email protection checks because the electronic messages originate from a valid source.

Cofense’s Europe director Dave Mount told SC Media phishing risk players have long abused cloud services to supply malicious payloads through forms like Google Docs.

Microsoft-Office-365-phishingGoogle Docs news: Beware of Google Docs forms asking for Office 365 updates (Image: Getty)

Google Docs news:Google Docs news: Don't trust Google Docs forms requesting Office 365 updates (Image: Getty)

READ MORE
Microsoft could be making this huge change to Windows 10

He said: ”In this campaign and others like it, Google Forms is used to create faux Microsoft login pages to harvest company consumer credentials.”

The emails themselves pose as notifications from the IT crew informing recipients “updating the user’s Office 365” is needed to prevent the suspension in their accounts.

By creating this sense of urgency, criminals tried to persuade the public into clicking on the “Update Now” button.

read more.....

Get the latest news delivered to your inbox

Follow us on social media networks

NEXT Iran's negligence may lead to an even greater global viral outbreak mogaznewsen