Hackers exploit Google Looker Studio to launch phishing attacks

September 25, 2023
A new phishing campaign from cybercriminals has begun exploiting Google Looker Studio. The threat actors are abusing this versatile tool, which creates customisable reports from raw data, to launch cryptocurrency phishing attacks.

According to reports, this newly discovered malicious operation has resulted in financial losses for unsuspecting crypto owners.

Google Looker Studio, formerly Data Studio, is an online data conversion tool that generates informative reports with charts and graphs from raw data held in spreadsheets and other platforms.

Threat actors have used the Google Looker Studio service to create malicious websites.

Hackers have started leveraging Google Looker Studio to build their cryptocurrency phishing websites. The interesting part of the actors' tactic is that they embed the URLs of these malicious pages in phishing emails.

This technique allows them to bypass email security checks, since Looker Studio is a legitimate tool with a good reputation that keeps its links from being flagged. In addition, these phishing emails originate from Google and use its official letterhead.

The phishing emails inform victims that they have won 0.75 BTC, equivalent to approximately $19,000. The emails also cite a fake participation in Google's premium cryptocurrency insights and trading program, which increases the apparent legitimacy of the actors' websites. Next, the email instructs Gmail users to click the embedded link to claim their winnings.

After victims open the embedded URL, they are redirected to deceptive phishing pages that promise cryptocurrency rewards via a Google Slideshow.

At this stage, however, the scam increases the prize to 1.35 BTC (approximately $34,700) and instructs visitors to provide their cryptocurrency wallet login details to get their winnings.

Furthermore, the threat actors include a countdown, making it easier for individuals to miss obvious red flags within the website that indicate fraud. Threat actors could harvest any Google credentials entered on these fraudulent pages, use them to breach other accounts, and potentially steal funds from cryptocurrency exchanges.
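
A triage heuristic for the reputation bypass described above, as an added example that is not part of the original article: instead of trusting the link's domain, it escalates a message when a Looker Studio link appears together with the lure traits the article reports. The hostnames, regexes, verdict names and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Assumption: hostnames that serve user-built Looker Studio reports.
REPORT_HOSTS = {"lookerstudio.google.com", "datastudio.google.com"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
# Lure traits the article describes: a BTC prize and a call to claim it.
BTC_RE = re.compile(r"\b\d+(?:\.\d+)?\s*BTC\b", re.I)
CLAIM_RE = re.compile(r"\b(?:claim|winnings|you(?: have|'ve)? won)\b", re.I)


def body_text(msg):
    """Concatenate every text/* part of a parsed message."""
    out = []
    for part in msg.walk():  # walk() also yields a non-multipart message itself
        if part.get_content_maintype() == "text":
            payload = part.get_payload(decode=True) or b""
            charset = part.get_content_charset() or "utf-8"
            out.append(payload.decode(charset, "replace"))
    return "\n".join(out)


def triage(raw_email):
    """Return (verdict, reasons) without relying on link-domain reputation."""
    text = body_text(message_from_string(raw_email))
    hosts = {(urlsplit(u).hostname or "").lower() for u in URL_RE.findall(text)}
    hosted = bool(hosts & REPORT_HOSTS)
    reasons = []
    if hosted:
        reasons.append("link to user-generated report page")
    if BTC_RE.search(text):
        reasons.append("cryptocurrency prize amount")
    if CLAIM_RE.search(text):
        reasons.append("claim-your-winnings wording")
    # A report link alone is ordinary business mail; escalate only when it
    # is combined with a lure trait. Other mail is left to the usual filters.
    if hosted and len(reasons) >= 2:
        return "quarantine", reasons
    return "pass-through", reasons


# Constructed samples (not real campaign mail); EXAMPLE-ID is a placeholder.
LURE = ("Subject: Your reward\n\n"
        "You have won 0.75 BTC. Claim here: "
        "https://lookerstudio.google.com/reporting/EXAMPLE-ID\n")
BENIGN = ("Subject: Q3 dashboard\n\n"
          "Sales report: https://lookerstudio.google.com/reporting/EXAMPLE-ID\n")
```
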

Whether Google has applied countermeasures to mitigate this campaign’s effects and prevent similar future threats remains uncertain. Google urges users to report malicious content and phishing pages that may appear on Google Looker Studio through their reporting tool.

Lastly, users must remain vigilant and report any suspicious activity promptly to safeguard their assets and personal information since this cryptocurrency phishing scam could persist.
