Face Verification
Address Verification
Document Verification
Age Verification
VideoIdent
Fast ID
Docless Verification
Consent Verification
NFC Verification
Business Verification
Due Diligence
Investor Verification
E-Signature
QES
AML Screening
Transaction Monitoring
Adverse Media
Business AML Screening
PEP & RCA
Sanctions
Watchlist
Behavioural Biometrics
Device Fingerprinting
Biometric Face Authentication
MFA
Fraud Hub
Onboarding
Ongoing Monitoring
KYC
KYB
KYI
Age Assurance
Identity Verification
Workforce IAM
Candidate Verification
Compliance
Fraud prevention
Trust & safety
Global expansion
Product Managers
Compliance Officers
Fraud Analysts
Developers
Deepfake
Bonus Abuse / Promotion Abuse
Account Takeover
Synthetic Identity Fraud
Document Fraud
Impersonation Fraud
Multi-Accounting
Fraud Networks
Chargeback Fraud
Money Mule Activity
Party Fraud
Regulatory & Compliance Risks
Fintech
Crypto
iGaming
Forex
Social Network
Marketplace
Banking
Gig Economy
Payments
Ride Hailing
Adult Content
Blind Spot Audit
Deepfake Detector
Liveness Spoofs
Document Originality
Document Deepfake
Global Trust Platform
Journey Builder
Case Management
Shufti AI
Fraud Analytics
Vendor Comparison
Brand Personalisation
IDV Modes
AI Compliance Co-Pilot
OCR
Secure Capture
Deployment Options
Identity Methods
API Documentation
Mobile SDKs
Service Status
Help Center
Contact Us
Technical Support
Supported Documents
Supported Countries
Content library
Blogs
News
Reports
Insights
Knowledgebase
ROI calculator
About
Career
Press Release
Certifications
Partnership
Awards
Events & Webinar
Interactive Demo
Podcast Studio
Spotlight Studio
Phishing attacks hidden in Google Cloud Services
Cybercriminals are concealing phishing efforts behind legitimate resources like google cloud services.
Cybersecurity researchers have warned of a phishing campaign that uses Google Cloud Services and offers legitimate PDF whitepapers to victims that give away their login credentials.
According to the researchers, it all starts with a PDF document uploaded to Google Drive which contains a link to a phishing page. The landing page, hosted on storage.google requires the user to log in with their Office 365 or organization email.
As the victim gives away their login credentials, they are redirected to a genuine PDF report published by a “renowned global consulting firm.”
Researchers claim that the user never becomes suspicious as the phishing page is hosted on Google Cloud Storage.
“Hackers are swarming around the cloud storage services that we rely on and trust, making it much tougher to identify a phishing attack,” said Lotem Finkelsteen, Manager of Threat Intelligence at Check Point.
Cybercrimes are skyrocketing. Users of Google Cloud Platform should all beware of this fast-growing trend and learn how to protect themselves. One should think twice about the files they receive from senders.
