Check Point researchers have discovered hackers exploiting Google Looker Studio to create fraudulent cryptocurrency phishing websites. These phishing sites target digital asset holders, leading to compromised accounts and financial losses. Google Looker Studio (previously known as Data Studio, is an online tool for converting data from spreadsheets and various sources into customizable reports.
Scam tactics
These phishing emails appear to come from Google and contain Google's official letterhead. They inform the recipient that, as a participant in Google's premium cryptocurrency insights and trading strategies program, they've won approximately 0.75 Bitcoin (valued at $19,200).
The convincingly crafted email encourages Gmail users to click the provided link to claim their earnings.
Once clicked, the link takes the target to fake web pages that feature a Google Slideshow promising cryptocurrency rewards. However, at this point, the displayed prize has been increased to 1.35 BTC, equivalent to $34,700.
The users are asked to provide their cryptocurrency wallet login information to claim this reward, and there's a timer that creates a sense of urgency, making it more likely to overlook clear signs of deception.
Any Google login details entered on this page are taken by cybercriminals, who can then use them to gain unauthorized access to other accounts.
Some latest phishing threats
Late last month, Microsoft warned of an increase in Adversary-in-the-Middle (AiTM) phishing techniques, which allow attackers to carry out large-scale phishing campaigns and steal session cookies without detection.
Researchers found a new TZW ransomware, belonging to the Adhubllka family, spreading via phishing emails to target individuals and small businesses.
The bottom line
To defend against such attacks, Check Point recommends implementing a comprehensive security posture with document and file scanning abilities and deploying a solid URL protection system. Follow basic cybersecurity hygiene such as exercising caution when receiving unsolicited emails and independently verifying the authenticity of unexpected rewards, enabling 2FA on cryptocurrency wallets and accounts for added security, and staying informed on the latest phishing trends.