Google Users Under Attack
It seems attackers have fooled Google's spam engine with phishing emails, luring victims to Google Drive-hosted Web pages that steal users' credentials.
Though researchers are uncertain whether the Gmail account was compromised or if attackers created a false account, the phishing emails were delivered successfully and undetected by Google's built-in spam engine.
"In this particular incident, attackers were able to circumvent tight security controls and target Google users specifically to gain access to a multitude of services associated with Google accounts," said Dr. Aditya K Sood, architect of Elastica Cloud Threat Labs. "While the cloud offers unprecedented benefits to its users, it is challenging the traditional security model and necessitating a modern, flexible security stack designed to provide protection in a perimeterless world."