Microsoft and Google cloud phishing

In the first quarter of 2021, cybercriminals sent 52 million malicious messages using storage services such as Office 365, the Azure, the OneDrive, SharePoint, G-Suite and Firebase.

During the pandemic, criminals used the cloud to hide phishing scams from trusted Microsoft and Google services.

Phishing, microsoft, cloud, google

Proofpoint security researchers they discovered 7 million malicious emails sent by Microsoft 365 and 45 million emails sent by Google infrastructure in the first three months of 2021 alone.

They also report that malicious users have used Office 365, Azure, OneDrive, SharePoint, G-Suite and Firebase, to send emails, but also for attacks on servers.

The publication states:

"The volume of malicious messages from these trusted cloud services exceeded the volume of botnets in 2020, and the trusted reputation of these domains, such as and, increases the difficulty of detection."

Since a breach of one account could give access to more others, ProofPoint estimated that 95% of organizations were targeted in cloud attacks and more than half of them were successful. In addition, more than 30% of the organizations that were breached "experienced post-access activity such as file management, email promotion and OAuth activities".

Once intruders have credentials, they can enter an organization's emails, locate affiliates and significant others, to convincingly send phishing emails.

Proofpoint gave many examples of emails that tried to trick users into giving out their information or serving malware.

Proofpoint research clearly shows that intruders use popular cloud communication tools to spread malicious emails and target people using Microsoft and Google infrastructure.

Breaking accounts in the cloud can be combined with serving ransomware, with disastrous results.

So securing cloud services should be a top priority for security companies.

Read them Technology News from all over the world, with the validity of

Follow us on Google News at Google news