Intelligent Security Service Edge (SSE), Cloud Access Security Broker (CASB), Cloud Firewall, Next Generation Secure Web Gateway (SWG) und Private Access for ZTNA sind nativ in einer einzigen Lösung integriert, um jedes Unternehmen auf seinem Weg zum Secure Access Service zu unterstützen Edge (SASE)-Architektur.

Netskope Borderless SD-WAN bietet eine Architektur, die Zero-Trust-Prinzipien und gesicherte Anwendungsleistung zusammenführt, um beispiellos sichere, leistungsstarke Konnektivität für jeden Standort, jede Cloud, jeden Remote-Benutzer und jedes IoT-Gerät bereitzustellen.

Read the article

Erkunden Sie unsere Plattform

Mehr über NewEdge erfahren

Beleuchtete Schnellstraße mit Serpentinen durch die Berge

Erfahren Sie, wie wir den Einsatz generativer KI sichern

Learn about Zero Trust

Learn about Industry Solutions

Bonus-Episode 2: Der magische Quadrant für SSE und SASE richtig machen
Mike und Steve diskutieren den Gartner® Magic Quadrant™ für Security Service Edge (SSE), die Positionierung von Netskope und wie sich das aktuelle Wirtschaftsklima auf die SASE-Reise auswirken wird.

Podcast abspielen

Wie Netskope die Zero-Trust- und SASE-Reise durch Security Service Edge (SSE)-Funktionen ermöglichen kann.

Den Blog lesen

Netskope hat eine Vielzahl von praktischen Labors, Workshops, ausführlichen Webinaren und Demos entwickelt, um AWS-Kunden bei der Verwendung und Bereitstellung von Netskope-Produkten zu schulen und zu unterstützen.

Learn about AWS Immersion Day

Entdecken Sie die Sicherheitselemente von SASE, die Zukunft des Netzwerks und der Security in der Cloud.

Learn about Security Service Edge

Netskope ist stolz darauf, an Vision 2045 teilzunehmen: einer Initiative, die darauf abzielt, das Bewusstsein für die Rolle der Privatwirtschaft bei der Nachhaltigkeit zu schärfen.

Finde mehr heraus

Im 2023 Gartner® Magic Quadrant™ für SSE wurde Netskope als führender Anbieter ausgezeichnet.

Report abrufen

Lernen Sie unser Team kennen

Gruppe von Wanderern erklimmt einen verschneiten Berg

Learn about Netskope Partners

Gruppe junger, lächelnder Berufstätiger mit unterschiedlicher Herkunft

Beware of Google Docs Spam

Summary

Netskope Threat Labs is warning users to be careful of spam messages being shared via Google Docs. The spam messages come in the form of a comment on a document or presentations and are sent by [email protected]. Both the comment and the document link the user to a spam or scam website. Because the messages are sent by Google Docs, it is likely that your spam filters do not detect and block these messages. In fact, docs.google.com may be explicitly allowed by your spam filters.

Example

The spam is delivered in the form of a comment on a Google Docs document or Google Slides presentation. The email is sent by [email protected], an address used for comments added to any files hosted in Google Drive. In this Google Slides example, the sender appears as “Message Service (Google Slides).” “Message Service” is the name chosen by the spammer to make this appear official and “(Google Slides)” is appended by Google to all Google Slides comments.

In this example, the comment masquerades as a postal notification:

Screenshot showing Google Docs Spam message — ***Figure 1: Spam comment***

The document itself is a Google Slides presentation with a single slide containing a hyperlink that redirects the user to an adult website:

Image showing the adult website the Google Docs Spam message redirects to — ***Figure 2: Spam Slides presentation***

This particular spam message was targeted generally at personal gmail.com accounts and not any specific enterprises or demographics. The motive was to entice recipients to sign up for a premium adult website.

Context

Cloud apps are a popular vehicle for the distribution of malicious content. One reason for their popularity is the fact that attacks launched from cloud apps can often subvert enterprise security controls, such as email or URL filtering.

Over the past year, we have detected and blocked a variety of attacks launched by cybercriminals leveraging a variety of cloud apps, including Google Drive. In total, 17% of malicious websites we block our users from visiting come from links in cloud apps. Of those, Google Drive represents 1%.

The following figure breaks down types of attacks cybercriminals launched using Google Drive, where the goal was to get users to click on a malicious link. Over the past year, 2% of those links were spam, like in this example. The most common types of attacks linked victims to phishing pages (14%) or malware delivery points (76%).

Visualization of the different kinds of malicious links in Google Drive — ***Figure 3: Types of malicious links in Google Drive***

Disclosure

The documents involved in this spam campaign were reported to Google on October 29, 2020, and promptly taken down.

Conclusions

Cybercriminals are always looking for new ways to abuse cloud apps. In this example, spammers succeeded in using comments in Google Slides to deliver spam messages that bypass common filters. We urge users to be extra careful in clicking on links in any cloud app, even if it is a cloud app that you commonly use. We expect spam like this to continue in the near to medium term, and for it to take on election, coronavirus, and holiday themes through the coming months.

The Netskope Security Cloud platform provides our customers protection against attacks like these launched from cloud apps.

Ray Canzanese

Ray is the Director of Netskope Threat Labs, which specializes in cloud-focused threat research. His background is in software anti-tamper, malware detection and classification, cloud security, sequential detection, and machine learning.