Threat Awareness – URL Spoofing of Company Domains through Well-Known Cloud Platforms

Email phishing lures are not the only way threat actors attempt to trick individuals into revealing their private information. URL spoofing is another common method adversaries exploit to steal information and conduct other malicious activity. Specifically, researchers have uncovered several URL spoofing bugs in popular Software-as-a-Service (Saas) platforms Box, Zoom, and Google Docs. This URL spoofing technique involves leveraging popular cloud platforms by creating a fraudulent website or link that is made to look like it’s part of your organization’s custom web address, such as ‘yourdomain [dot] zoom [dot] com’ in order to deceive a victim into entering information. “These spoofed URLs can be used for phishing campaigns, social engineering attacks, reputation attacks, and malware distribution,” according to researchers at the cybersecurity firm Varonis. Organizations and individuals can mitigate against this activity by conducting awareness training on this threat. Varonis has a series of short video demonstrations on how easy this threat is to accomplish. Members are encouraged to share the post with your users as part of your security awareness program. Read more at HelpNetSecurity.