Fake Google and Microsoft branded websites meant to trick users into giving away their login credentials accounted for a bulk of form based cyberattacks detected by Barracuda Networks in last four months.

Out of the 100,000 form-based attacks by the cybersecurity firm between January 1 and April 30, Google file sharing and storage websites were used in 65% of the cases, accounting for 4% of all spear-phishing attacks in the first four months of the 2020.

The report shows that 25% of attacks used storage.googleapis.com, 23% used docs.google.com, 13% used storage.cloud.google.com and 4% used drive.google.com for impersonation.

On the other hand, Microsoft brands accounted for 13% of the attacks. Microsoft’s onedrive.live.com was involved in 6% attacks, sway.office.com in 4% attacks and forms.office.com in 3% of attacks.


The other leading websites used in impersonation attacks include sendgrid.net (10%), mailchimp.com (4%), and formcrafts.com (2%).

https://www.livemint.com/technology/tech-news/fake-google-and-microsoft-branded-sites-popular-among-attackers-in-2020-report-11590762241264.html