Tech
Sophos Uncovers Top 7 Ways Cyberscammers, Malware Operators Abuse Google Forms
Sophos, a global leader in next-generation cybersecurity, has published research, “Phishing and Malware Actors Abuse Google Forms for Credentials, Data Exfiltration,” describing howcyberattackers – from entry-level scammers to advanced adversaries – abuse Google Forms to implement a wide range of attacks, targeting both organizations and individuals.
“The extent to which cyberattackers abuse Google Forms came to light while we were researching how malware abuses encryption to conceal its activities and communications,” said Sean Gallagher, senior threat researcher at Sophos. “Google Forms offer cyberattackers an attractive proposition: the forms are easy to implement and trusted by both organizations and consumers; the traffic to and from the service is secured with Transport Layer Security (TLS) encryption so it can’t be easily inspected by defenders; and the whole set up essentially provides a free attack infrastructure.
“Our analysis shows that while most abuse of Google Forms by cyberattackers remains firmly in the low-skill phishing and fraud spam space, there are increasing signs that adversaries are taking advantage of the platform for more sophisticated attacks. Sophos’ examples of this include attackers using Google Forms to exfiltrate data and for malware command-and-control.”
Below are the seven ways that Sophos researchers have identified cyberscammers and malware operators abusing Google Forms:
1. Phishing: Despite the fact that Google warns users on every page of a form not to enter password details, Sophos found several examples where attackers tried to convince potential victims to enter their credentials into a Google Form laid out to resemble a login page. These forms were often tied to malicious spam campaigns.
2. Malicious spam campaigns: One of the largest sources of Google Forms links in spam were “unsubscribe” links in scam-related marketing emails. Sophos has intercepted a number of spam-based phising campaigns that targeted Microsoft online accounts, including Office365. The spam claimed that recipients’ email accounts were about to be shut down if they were not immediately verified, and offered a link to a Google Form that asked the user to enter their Microsoft credentials. These Google Forms pages were decorated with Microsoft graphics but, still, clearly a Google Form.
3. Payment card data theft: Entry-level scammers use Google Forms’ ready-made design templates to attempt to steal payment data through faked “secure” e-commerce pages.
4. Potentially Unwanted Applications (PUAs), such as adware: The researchers discovered a number of PUAs targeting Windows users. These apps use Google Forms pages surreptitiously, with the web requests collected and submitted to forms automatically without any need for user interaction.
5. Fake user interfaces for malicious Android apps: Sophos found some malicious Android applications that made use of Google Forms to capture data without having to code a back-end website. Most of these were adware or PUAs. For instance, the researchers found “SnapTube,” a video app that generates revenue for the developer through web advertising fraud and which includes a Google Forms page for user feedback.
6. Data removal: The researchers uncovered a number of more sophisticated threats abusing Google Forms. This included malicious Windows applications that used web requests to Google Forms pages to ‘push’ stolen data from computers to a Google spreadheet via Google Forms.
7. Part of the wider malicious cyberattack infrastructure: Sophos telemetry has detected a number of PowerShell scripts interacting with Google Forms. We were able to prototype how PowerShell scripts could be used to scrape Windows profiling data from a computer and submit it to a Google Forms form automatically.
“Google frequently shuts down accounts associated with a mass abuse of applications, including Google Forms,” said Gallagher. “However, the kind of low-volume, targeted use of Forms by some malware could stay under the radar. Business defenders need to be alert to this threat and apply caution whenever they see links to Google Forms, or any other legitimate services trying to obtain credentials, and they should not inherently trust TLS traffic to ‘known good’ domains such as docs.google.com.”
Sophos products, including Intercept X for endpoints, defend against most malicious spam that carry forms-based phishing campaigns and detect the behaviors of system information collection discussed in the new research.
Sophos also advises consumers to install a security solution, such as Sophos Home, on the devices that they and their families use for online communications and gaming to protect everyone from malware and cyberthreats.
Samsung Electronics has officially unveiled the latest addition to the popular Galaxy A series smartphones – the Samsung Galaxy A06.
Joining a fan favorite series and combining powerful performance with a sleek design, the Galaxy A06 offers customers and loyal A series fans unique features and premium experience at an affordable price.
The stylish Galaxy A06 is set to redefine what users expect from entry-level smartphones, offering cutting-edge technology without compromise.
Aptly, tagged “Galaxy Wey Sabi”, the Galaxy A06 stands out in the competitive category as it aims to resolve the customers’ needs in a smartphone with focus on durability, functionality, security, camera, and entertainment.
Users can enjoy capturing high-resolution photos with the 50MP rear camera, now equipped with Nightography for capturing the essence of every detail especially in low-light conditions. The 8MP front and 2MP (depth) cameras also provide crystal-clear selfies with advanced beautification features.
Spotting a slimmer design and comfortable grip, as well as a side fingerprint scanner, the new Galaxy A06 features a stunning 6.7” HD+ display, providing vivid colors and crisp clarity for an immersive viewing experience that delivers seamless visuals on the infinity-U display with enhanced brightness, especially for outdoor visibility.
Galaxy A06 – Galaxy Wey Sabi is truly a device, which understands your needs, equipped with a 5000mAh long-lasting battery, you can enjoy more device usage without worrying about battery life. The 25W Super-Fast Charging feature ensures up to 50% battery charge in just 30mins, meaning you are back in action quickly.
“The Samsung assurance is a promise, a trustworthy reliability in our Knox Security on this device, which protects your personal information by isolating your passwords and other private data within a secure environment,” said Stephen Okwara, Head Product Management, Samsung Electronics West Africa. “What also awesome about this is our promise of continuous OS upgrades and up to 4 years security update on this device. Isn’t that impressive from a brand that understands the needs of its customers?”
Also speaking at the Galaxy A06 launch event in Lagos, Oge Maduagwu, Head of Marketing, Samsung Electronics West Africa said: “We are excited to introduce the Galaxy A06, which brings together powerful performance, an advanced camera, and long-lasting battery life, all in a stylish and affordable package,” She added: “Also customers can enjoy premium support for their device with a screen damage insurance cover of just N9000.
Available in four stunning colors – Black, Blue Green, Lime and Silver – The Samsung Galaxy A06 will be available in Nigeria at all authorized Samsung Stores from 11th October 2024, with pricing starting at N146,000.
Tech
Anambra School Emerges Winner In National Girls In ICT Competition With Groundbreaking VR Technology
St. John Vianney Science College, Igbariam, used their virtual reality project to conquer the National Girls in ICT Competition 2024, claiming the national championship title yesterday!
The National Girls in ICT Competition, organized by the Federal Ministry of Communication, Innovation and Digital Economy, is a technology innovation competition for all girls in secondary schools across Nigeria.
Their innovative project, M-Tag VR, allows users to explore iconic landmarks like Zuma Rock and learn about fascinating cultural aspects of Nigerian tribes. The girls, Immaculate Ebube Ikegwuonu, Camilla Anyadike, and Nweke-Nonso Oluchi, mentored by their coach, John Onuigbo, triumphed over teams from all 36 states.
The girls’ talent shone brightly throughout the competition. They started at the state level where they aced the Anambra state competition, then proceeded to conquer the Southeastern regional championship, defeating teams from Ebonyi, Imo, Abia, and Enugu, to make it to the national finals.
Rivers and Lagos states secured the second and third-place positions, respectively.
Tech
Google To Delete Billions Of Browser Records To Settle ‘Incognito’ Lawsuit
CNN reported that Google will delete billions of data records as part of a settlement for a lawsuit that accused the tech giant of improperly tracking the web-browsing habits of users who thought they were browsing the internet privately.
The suit was originally filed in 2020 and accused Google of misrepresenting the kind of data it collects from users who browsed the internet via “Incognito” private browsing mode in Chrome. Google agreed to settle the suit late last year, but the terms of the settlement were first disclosed in a filing on Monday.
As part of the settlement, Google must delete “billions of data records” that reflect the private browsing activities of users in the class action suit, according to court documents filed Monday in San Francisco federal court.
Google will also update its disclosure to inform users about what data it collects each time a user initiates a private browsing session. Google has already started implementing these changes.
For the next five years, Google will also let private browsing users block third-party cookies as part of the settlement. Google also will no longer track people’s choices to browse the internet privately.