KnowBe4 reported:
Most scams focused on stealing the victim’s credentials tend to spoof the specific platform to which the credentials provide access.
But in this latest attack – apparently on G Suite users – the threat actors got somewhat creative.
The initial phishing email targets Spanish-speaking users, using a pretty common social engineering tactic revolving around the need to confirm an account.
The unique execution here is the spoofing of a Google Translate page to make the victim user believe they are providing credentials within a safe environment – one owned and operated by Google.
Most scams focused on stealing the victim’s credentials tend to spoof the specific platform to which the credentials provide access.
But in this latest attack – apparently on G Suite users – the threat actors got somewhat creative.
The initial phishing email targets Spanish-speaking users, using a pretty common social engineering tactic revolving around the need to confirm an account.
The unique execution here is the spoofing of a Google Translate page to make the victim user believe they are providing credentials within a safe environment – one owned and operated by Google.
Find out more with the original article here.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat