Quote:Threat actors are cashing in on the rapid shift to cloud-based business services during the pandemic, by hiding behind ubiquitous, trusted services from Microsoft and Google to make their email phishing scams look legit. And it’s working.
In fact, in the first three months of 2021 alone, researchers found 7 million malicious emails sent from Microsoft 365 and a staggering 45 million sent from Google’s infrastructure, Proofpoint reported, adding that cybercriminals have used Office 365, Azure, OneDrive, SharePoint, G-Suite and Firebase storage to send phishing emails and host attacks.
“The malicious message volume from these trusted cloud services exceeded that of any botnet in 2020, and the trusted reputation of these domains, including outlook.com and sharepoint.com, increases the difficulty of detection for defenders,” the report, issued Wednesday, explained. “This authenticity perception is essential, as email recently regained its status as the top vector for ransomware; and, threat actors increasingly leverage the supply chain and partner ecosystem to compromise accounts, steal credentials and siphon funds.”
Because breaching a single account could potentially provide sprawling access, ProofPoint reported that 95 percent of organizations were targeted for cloud account compromise, and of those, more than half were successful. Additionally, more than 30 percent of those organizations that were compromised “experienced post-access activity including file manipulation, email forwarding and OAuth activity.”
Read more: Microsoft, Google Clouds Hijacked for Gobs of Phish | Threatpost
![[-]](https://www.geeks.fyi/images/collapse.png)
