A new phishing attack was released through Google Looker Studio that bypasses protections.
Google Looker Studio is a valid online tool for creating customizable reports using charts and graphs that are easily shareable with others. Threat actors are detected using Google Looker Studio to create fake crypto pages that are delivered to users via emails from an authentic source.
It is reported to contain a link to the fake report and provide the victim with information on investment strategies leading to significant returns.
Check Point’s analysis depicts that the attack manages to pass email authentication checks that avoid spoofing due to the sender’s IP address being listed as authorized for a Google.com subdomain.