logo

IT Services covering Chester, North Wales & The Wirral

Office 43, Coworkz Block B, Minerva Avenue, Chester, CH1 4QL


Email: info@tst.uk.com

Phone: 01244 457870

mobile-logo
 

Google Exploited in Phishing Campaign

05 Jan

Google Exploited in Phishing Campaign

by admin
in IT Security
Comments

Google Exploit

Over 3,000 organisations, predominantly in manufacturing, fell victim to a sophisticated phishing campaign. This cyber attack came in December 2025  leveraging Google’s own application infrastructure to bypass enterprise email security controls.

moveit

 

Attackers sent deceptive messages from noreply-application-integration@google.com, marking a critical shift in how threat actors exploit trusted platforms.

Unlike traditional phishing attempts that rely on domain spoofing or compromised mail servers, this campaign operated entirely within legitimate Google systems.

The emails passed all standard authentication checks, SPF, DKIM, DMARC, and CompAuth, creating a fundamental blind spot for conventional email security tools.

How the Attack Worked

The phishing emails impersonated legitimate Google Tasks notifications. They claim to be internal task assignments requesting employee verification.

Recipients were prompted with calls to action such as “View task” or “Mark complete,”.  Clicking a link redirected to a malicious page hosted on Google Cloud Storage.

The attack exploited three critical vulnerabilities in traditional security models:

Trusted Sender Infrastructure: Emails originated from valid Google systems, inheriting Google’s high sender reputation and near-universal allowlisting across organisations.

High-Fidelity Brand Impersonation: The messages replicated Google Tasks UI, branding, and familiar notification buttons with striking accuracy.  This made them visually indistinguishable from legitimate communications.

Payload on Trusted Domains: Rather than hosting malicious content on suspicious domains, attackers leveraged Google Cloud Storage URLs. Thus rendering URL reputation-based detection ineffective

Without anti-phishing protection measures or device security, businesses are susceptible to such attacks.  Having no means to stop a live attack in its tracks or remediate the situation can be a death sentence to any business.  Cyber attacks are on the rise and it is essential that all businesses, large or small, rise to meet the challenge.  Businesses in the USA are investing in cyber protection but the UK lags behind in recognising the dangers.  Cyber criminals are constantly scoping out any weaknesses.

Read the full article here

IT Support Chester

Office 43, Coworkz Block B, Minerva Avenue, Chester, CH1 4QL


Email: info@tst.uk.com

Phone: 01244 457870

About TST

TST was started in 2000 to provide IT Support and Services for SME’s. Since the start our focus has been customer focused delivery.  We put our customers at the centre of everything we do and strive to improve our communication with each user.


Read More

Keep in touch

Click the Subscribe button to get the latest information from TST.

Copyright © TST {For Everything IT} | Registered Company Number 14964172