1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Hackers are also going back to school - major campaign hijacks Go

    From TechnologyDaily@1337:1/100 to All on Mon Sep 1 11:15:08 2025
    Hackers are also going back to school - major campaign hijacks Google Classroom to hit targets

    Date:
    Mon, 01 Sep 2025 10:06:03 +0000

    Description:
    Google Classroom users are being targeted in social engineering attacks, experts warn.

    FULL STORY ======================================================================New phishing campaign found targeting Google Classroom users CheckPoint has detected and blocked the sites Hackers often use legitimate services to disguise their attacks

    New research by Check Point has revealed a large-scale social engineering campaign which sees hackers using Google Classroom to victimize students and educators across the world.

    A range of industries and companies were targeted in five coordinated waves
    of attack containing over 115,000 phishing emails aimed at 13,500 organizations, with fake invitations sent promoting commercial offers such as SEO services or product pitches.

    The attack often goes undetected by security software because it piggybacks
    on Google Classrooms legitimate infrastructure, bypassing traditional defenses, the experts warned. Phishing protections

    To protect against attacks such as these, CheckPoint reaffirms the need for robust training for employees and members of your organization - and warns users to be very cautious of unexpected invitations or communications.

    This incident underscores the importance of multi-layered defenses, CheckPoints statement confirms. Attackers are increasingly weaponizing legitimate cloud servicesmaking traditional email gateways insufficient to stop evolving phishing tactics."

    The research also recommends using AI-powered detection to analyze content,
    to extend social engineering protections beyond just messaging and SaaS services, and to continuously monitor cloud applications.

    Criminals often utilize legitimate platforms and services to distribute
    social engineering attacks or malware because it can help to evade
    detections. Earlier in 2025, hackers were observed bypassing security tools
    by mimicking legitimate login pages and stealing Microsoft credentials.

    Microsofts Active Directory Federation Services (ADFS) connects an organizations internal systems to Microsoft services. In this campaign, malvertising was used to distribute the phishing attack - and since the
    attack didnt rely on email, traditional email security filters werent effective.

    Although social engineering attacks can be potent and convincing, they do primarily rely on human error to be effective - which means that being wary and ensuring all members of your organization are sufficiently trained and tested in spotting attacks is the most effective defense. You might also like Take a look at our picks for the best malware removal software around Check out our choice for best antivirus software Google warns Salesloft attack may have compromised Workspace accounts and Salesforce instances



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/hackers-are-also-going-back-to-school-m ajor-campaign-hijacks-google-classroom-to-hit-targets


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)