Cyber thugs phishing via Google studio

by DION HENRICK in Cape Town
Western Cape Bureau
CAPE TOWN – MILLIONS of users of the Google Looker family of products are at the mercy of cyber criminals abusing the platform to advance phishing attacks.

New research from NASDAQ- listed cyber security vendor, Check Point Software Technologies, has established that fraudsters are using Google Docs, Google Looker Studio and Google Slide for illicit purposes.

“Cyber criminals are taking advantage of Google’s business tools to help them steal login credentials and crypto accounts,” said Jeremy Fuchs, Cybersecurity Researcher at Check Point.

“Recently we’ve seen a dramatic rise in the use of Google Looker Studio for phishing attempts. This is concerning because it is difficult to detect for both security services and end users,” Fuchs said.

Over 10 million people use the Google Looker family of products.

Check Point explained how the scam around this works.

Cyber criminals first create a Google Looker Studio page. They then use Google to send a real notification to the targeted victim, asking them to review or comment.

Since the notification comes from the legitimate Google account, it is not caught by security filters.

Victim clicks through to look at the page, which looks legitimate.

Embedded within the Google Looker page is a link that redirects the victim to an external page designed to steal their login credentials and crypto-related information.

– CAJ News