• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 22nd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Security

Cybercriminals Abusing Vulnerability in Google Apps to Send Phishing Emails

March 12th, 2015 Waqas Security 0 comments
Cybercriminals Abusing Vulnerability in Google Apps to Send Phishing Emails
Share on FacebookShare on Twitter

It has been found that hackers can now easily abuse any website’s domain name based email addresses through the Google Apps for work. These e-mail addresses can then be used for sending phishing e-mails for an interested company so as to target users.

One can register an account with Google Apps for Work if one desires to have an e-mail address that is named after one’s brand in a manner like admin@yourdomain.com instead of myemail@gmail.com.

Must Read: How Gmail ID Can Be Hacked Despite Having Google’s Two-Factor Authentication On

cybercriminals-abusing-vulnerability-in-google-apps-to-send-phishing-emails

With Google Apps for work, one can use services like Gmail, Drive storage, Calendar, online documents, video hangouts and many other collaborative services that could be shared with a team or organization.

All one needs is to sign up like a typical Gmail account and a custom domain name based email service from Google will be set up. As soon as the account is created, one can use his/her domain’s admin console panel on Google app interface, however, until the account is verified by Google, usage of any other service is not possible.

Sending Phishing E-mails from hijacked accounts

Patrick Fehrenbach and Behrouz Sadeghipour were to Cyber Security researchers who discovered that a hacker can put any unused domain – domains not previously registered with Google apps services – to register with the app. For example, bankofanycountry.com can be registered with Google apps for Work so as to get the admin@bankofanycountry.com account. Though at this stage, one cannot use email services for admin@bankofanycountry.com until the domain is verified by Google and so until then, no emails can be sent and received from that account.

Must Read: Researchers show how to hack Gmail with 92% success rate

However, the researchers explained that the domain admin name can be sent to the organization users, that is, info@bankofanycountry.com – that has to be created from the panel in order to go ahead – through ‘Sign in Instructions’ using a page on Google apps that has an access to the following URL directly on the browser.

https://admin.google.com/EmailLoginInstructions?userEmail=info@bankofanycountry.com

Through the compose email address like the one shown above, the attacker can send all types of phishing email with harmful links to target users, fooling them into giving their personal information like passwords, financial detail and other types of sensitive data.

Before the security patch

Before Security Patch Researchers were able to achieve admin@vine.com (obtained by Twitter) and then send an e-mail to a target having a subject Welcome to Twitter thus convincing the target into providing personal details of Twitter account to this phishing e-mail.

cybercriminals-abusing-vulnerability-in-google-apps-to-send-phishing-emails-2

The security issue was reported to Google and perhaps it has applied a limited cover on the issue. This is because even after that, hackers can still access ‘Send Sign in Instructions’ for domains not verified, only this time through apps-noreply@google.com rather than custom email address.

Behrouz told in a conversation that showing apps-noreply to senders is adequate according to Google.

After the Security Patch

The attackers are still not deterred from attacking victims as such. Usually, spam and doubtful e-mails are automatically filtered by Google as they get marked as spam or phishing warnings like when it is a legitimate source such as bank or Google, which they are not.

cybercriminals-abusing-vulnerability-in-google-apps-to-send-phishing-emails-3

In contrast, through misusing Google’s vulnerability, attackers are able to send e-mails directly into the inbox without any warning since is the Google servers themselves that generate the e-mail.

Follow @HackRead

  • Tags
  • Cybercriminals
  • gmail
  • Google
  • Google Apps
  • hacking
  • Phishing Email
  • Privacy
  • security
  • Vulnerability
Facebook Twitter LinkedIn Pinterest
Previous article WordPress SEO by Yoast’ Plugin Vulnerable to Hackers, Affecting Millions Worldwide
Next article U.S. Senate Rushing to Move Cyber-Surveillance CISA Bill Amid NSA Spying
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Shazam Vulnerability exposed location of Android, iOS users
Security

Shazam Vulnerability exposed location of Android, iOS users

48
Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet
Security

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

85
Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping
Security

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

107

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us