A new large-scale phishing campaign abuses Microsoft Azure, Google Sites to steal crypto
On Wednesday, A new large-scale phishing campaign attacking Coinbase, MetaMask, Kraken, and Gemini users abusing Google Sites and Microsoft Azure Web App to make fraudulent sites.
These phishing pages are promoted through comments posted to legitimate sites by a network of bots controlled by Hackers.
Posting links to phishing pages on various legitimate sites aim to escalate traffic and boost the malicious site’s search engine rankings.
As the phishing sites are hosted in Microsoft and Google services, they aren’t flagged by automated moderator systems, permitting promotional messages to stay in the comment section for longer.
The new campaign was spotted by analysts at Netskope, who observes that this tactic has let some fraudulent sites, seeming as the first result in Google Search, Bleeping Computer reports.
Google also includes the phishing pages as featured snippets to give them the highest exposure possible in the search results.
Google Sites is a free web page creation tool, part of Google’s online service suite that let users to make websites and host them on Google Cloud or other providers.