Novel phishing attacks involve Google Looker Studio exploitation

Threat actors have been deploying new phishing attacks exploiting Google Looker Studio in a bid to evade security defenses, according to SecurityWeek. Fraudulent cryptocurrency pages created through Google Looker Studio have been sent to targets through emails purporting to be investment strategy information. Clicking the link included in the email redirects to a legitimate Google Looker page with a slideshow that eventually leads to a login page aimed at exfiltrating the targets' credentials. Attackers have been able to evade email authentication checks by using an authorized google.com subdomain in delivering the messages. "This is a long way of saying that hackers are leveraging Googles authority. An email security service will look at all these factors and have a good deal of confidence that it is not a phishing email, and that it comes from Google. And it does! Because the attack is nested so deep, all the standard checks will pass with flying colors," said Check Point.