Security researchers have identified criminal campaigns exploiting cloud storage services to send SMS messages redirecting users to malicious websites.

Description

Attackers are using cloud storage services like Amazon S3, Google Cloud Storage [1] [2], Backblaze B2 [1] [2], and IBM Cloud Object Storage to distribute URLs via SMS. By bypassing network firewalls and deceiving users into clicking on spam URLs hosted on cloud platforms [1] [2], cybercriminals can lead users to fraudulent sites that steal personal and financial information [2]. For example [1], attackers have used Google Cloud Storage to create URLs linking to scam sites [1], employing HTML meta refresh techniques to redirect users without their knowledge [1]. Similar tactics have been observed with other cloud storage services like AWS and IBM Cloud [1]. Enea recommends monitoring traffic behavior [2], inspecting URLs [1] [2], and being cautious of unexpected messages with links [1] [2].

Conclusion

These criminal campaigns exploiting cloud storage services pose a significant threat to users’ security and privacy. To mitigate risks, it is crucial for organizations and individuals to monitor traffic behavior, inspect URLs [1] [2], and exercise caution when receiving unexpected messages with links. As cybercriminals continue to evolve their tactics, staying vigilant and implementing robust security measures are essential to protect against future attacks.

References

[1] https://ciso2ciso.com/cybercriminals-exploit-cloud-storage-for-sms-phishing-scams-source-www-infosecurity-magazine-com/
[2] https://www.infosecurity-magazine.com/news/cloud-storage-exploited-sms/