Financially Motivated Threat Actor Leveraged Google Docs and Weebly Services to Target Telecom and Financial Sectors
(blog.eclecticiq.com)
from Joker@sh.itjust.works to cybersecurity@infosec.pub on 21 Nov 2024 16:14
https://sh.itjust.works/post/28425181
from Joker@sh.itjust.works to cybersecurity@infosec.pub on 21 Nov 2024 16:14
https://sh.itjust.works/post/28425181
EclecticIQ analysts identified a phishing campaign in late October 2024 targeting the telecommunications and financial sectors. Attackers leveraged Google Docs to deliver phishing links, redirecting victims to fake login pages hosted on Weebly - a legitimate, user-friendly website builder service. By using Google’s trusted domain for initial delivery, attackers bypassed standard email filters and endpoint protections, leveraging reputable platforms to evade detection and increase user trust.
threaded - newest