A rising variety of phishing campaigns have been noticed leveraging trusted on-line doc platforms to evade safe e mail gateways (SEGs) and steal credentials.
Risk analysts at Cofense Intelligence have recognized that platforms comparable to Adobe, DocuSign, Dropbox, Canva and Zoho are being misused in phishing assaults as a consequence of their widespread adoption by companies and people.
In 2024, these on-line doc companies reportedly accounted for 8.8% of all credential phishing campaigns, with 79% of noticed circumstances involving credential theft makes an attempt.
How Risk Actors Exploit Doc Platforms
In a brand new report revealed in the present day, Cofense defined how these platforms are trusted inside company and private environments, making it simpler for attackers to bypass safety filters.
Some companies robotically ship notifications to customers when a doc is shared, additional legitimizing the phishing try. SEGs typically allow these emails as a consequence of their origins from respected domains, permitting malicious hyperlinks to succeed in recipients.
Moreover, some companies, comparable to DocuSign, have options that inadvertently profit attackers, comparable to hyperlink expiration mechanisms that hinder post-attack investigations.
Malicious paperwork on platforms like Adobe and Dropbox may also keep lively for days earlier than takedown requests are processed, giving attackers ample time to execute their campaigns.
Learn extra on how attackers exploit company belief to execute phishing assaults: New Microsoft Groups Phishing Marketing campaign Targets Company Staff
Most Generally Abused Platforms in 2024
The analysis highlights six platforms that have been closely misused:
- Dropbox – Most exploited at 25.5%; phishing information stay on-line longer as a consequence of excessive site visitors
- Adobe – Utilized in 17% of campaigns, primarily for malicious PDFs that bypass SEGs
- SharePoint – 17%; attackers impersonate colleagues or enterprise companions
- DocuSign – 16%; regularly utilized in HR-related phishing, and in 6% of QR code phishing hyperlinks
- Google Docs – 11%; typically distributing malware through embedded hyperlinks
- Canva – Slightly below 9%; phishing through PDF and multimedia sharing
- Zoho – 4%, with a big spike in abuse in December 2024 to early 2025
Safety Implications and Prevention Measures
Whereas these platforms work to mitigate abuse, the amount of phishing campaigns makes full prevention tough.
Organizations and people ought to implement further safety layers, comparable to person schooling, behavioral evaluation instruments and multi-factor authentication, to scale back the danger of credential theft.
Monitoring for suspicious document-sharing exercise may also assist detect phishing makes an attempt earlier than they result in information breaches.
Picture credit score: tovovan / Shutterstock.com
Arabic
Chinese (Simplified)
Dutch
English
French
German
Italian
Japanese
Korean
Latin
Portuguese
Russian
Spanish