Scammers Use Legitimate Cloud Services to Trick Victims
Scammers are using legitimate cloud services to send phishing emails with links to malicious sites and trick users into falling for their traps.
The activity was detected by Netskope, which identified phishing emails and SMS messages carrying malicious links that redirect to phishing pharmacy sites, dating sites, and tech support sites hosted on legitimate cloud services such as Amazon Web Services (AWS), Microsoft Azure, and Alibaba Cloud, and that could potentially steal the victim's personal information.
“The ease of rapidly switching to new URLs and cheap hosting cost makes services such as Alibaba, AWS, and Azure a viable target for the scammers. The object store names can be randomly generated using a DGA (domain generation algorithm) to make shutting down the scams difficult. Attackers can also use compromised accounts or incorrectly configured object stores to host the payloads,” researchers said in a blog.
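A defender-side heuristic for the DGA-named object stores the researchers describe, as an added example that is not from the article or from Netskope: it pulls the bucket or storage-account label out of virtual-hosted AWS S3, Azure Blob and Alibaba OSS hostnames and flags labels that look machine-generated. The sample URLs, the function names and the entropy and length thresholds are assumptions made for illustration.

```python
import math
import re
from collections import Counter
from urllib.parse import urlsplit

# Virtual-hosted hostnames; "name" is the tenant-chosen bucket or account label.
STORE_PATTERNS = {
    "aws_s3": re.compile(r"^(?P<name>.+?)\.s3[.-][a-z0-9.-]*amazonaws\.com$"),
    "azure_blob": re.compile(r"^(?P<name>[a-z0-9]+)\.blob\.core\.windows\.net$"),
    "alibaba_oss": re.compile(r"^(?P<name>[a-z0-9-]+)\.oss-[a-z0-9-]+\.aliyuncs\.com$"),
}

def shannon_entropy(text):
    """Bits per character; random-looking labels score higher than words."""
    counts = Counter(text)
    return -sum(c / len(text) * math.log2(c / len(text)) for c in counts.values())

def classify(url):
    """Return (provider, store_name) for an object-store URL, else None."""
    host = (urlsplit(url).hostname or "").lower()
    for provider, pattern in STORE_PATTERNS.items():
        match = pattern.match(host)
        if match:
            return provider, match.group("name")
    return None

def flag_urls(urls, min_entropy=3.5, min_len=12):
    """Flag stores whose name looks machine-generated (thresholds are assumptions)."""
    flagged = []
    for url in urls:
        hit = classify(url)
        if hit is None:
            continue  # not hosted on one of the object stores above
        provider, name = hit
        entropy = shannon_entropy(name)
        if len(name) >= min_len and entropy >= min_entropy:
            flagged.append((url, provider, name, round(entropy, 2)))
    return flagged

# Constructed sample links, as they might be extracted from message bodies.
SAMPLE_URLS = [
    "https://x7q2kd9fzp4wm1vb.s3.amazonaws.com/index.html",
    "https://company-assets.s3.us-east-1.amazonaws.com/logo.png",
    "https://k3v9xq2mzt7w.blob.core.windows.net/web/offer.html",
    "https://docs.oss-cn-hangzhou.aliyuncs.com/readme.txt",
    "https://example.org/x7q2kd9fzp4wm1vb",
]
if __name__ == "__main__":
    print(flag_urls(SAMPLE_URLS))
```

Entropy is a weak signal on its own: legitimate tenants also use generated bucket names, so treat a hit as a reason to inspect the link, not as a verdict.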
The scammers have not spared even Google Docs: they are using it to create and share presentations with malicious links that, when clicked, redirect users to dating sites that could steal users’ personal information and credit card details. Notably, these links are immune to spam filters.