"Phishing Attacks Actively Using Alternative Exfiltration Methods Including Google Forms and Telegram Bots"
According to researchers with the cyber intelligence firm Group-IB, cybercriminals are frequently using legitimate services to gather stolen data from exploit kits in the performance of phishing attacks. The researchers have found that hackers are often using Google Forms and Telegram bots with admin panels offered as cybercrime-as-a-service to manage processes during phishing attacks. It has been noted that the use of such services has led to the performance of increasingly sophisticated attacks. Group-IB's Computer Emergency Response Team (CERT-GIB) examined several phishing kits used by hackers to generate phishing web pages aimed at compromising online services and email clients. One of CERT-GIB's key findings is that cybercriminals are mostly targeting online shopping, streaming services, and tools used to view documents. Hackers could steal linked bank accounts by compromising online accounts. This article continues to discuss CERT-GIB's key findings regarding the frequent use of Google Forms and Telegram bots to collect stolen data during phishing attacks, the rise of phishing automation, and other recent findings surrounding phishing attacks.