Tuesday, the optimistic day! You know what else we can be optimistic about? The US labor market.
In today’s edition:
Form phishing
CIO sightings
Dispatches from CES
—Billy Hurley, Eoin Higgins, Patrick Lucas Austin
By incorporating a widely used survey tool, phishers have found another inventive way to get past email security gateways: Google Forms.
“From an attacker’s perspective, the effective part is [that] I can pretty much craft it and customize it, because it’s Google, and nobody’s blocking Google in their environment,” Mike Britton, chief information security officer at the email-protection provider Abnormal Security, told IT Brew.
In a Dec. 13 post, Britton described details of the attack method, involving a document and an old-fashioned call:
- For the social-engineering trigger, the phisher just sends one doc: A phony invoice receipt, made in Google Forms, with info like date of invoice, amounts owed, or subscription information.
- By enabling receipt response, the Form can then be sent to a targeted email address.
- The attacker does not use the survey to collect information; the phisher hopes that the target will call the phone number on the Form.
- Once the target dials the number, a human will try to convince the caller to give up personal information (like name, address, and credit card number) or even download malware onto their device.
“It’s about as close to zero-risk as I can get, because the initial attack is not breaking into anybody’s environment. It’s fairly benign, and it costs me next to nothing,” Britton said.
Read more here.—BH
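A defender's triage rule for the lure described above, as an added example that is not from Abnormal Security or IT Brew: the message is genuinely sent by Google and passes sender authentication, so the rule keys on content instead. The sender address, keyword list, verdict names, and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Assumption: the address Google Forms uses when it mails response receipts.
FORMS_SENDERS = {"forms-receipts-noreply@google.com"}
# Illustrative keyword list; tune it against your own mail flow.
BILLING = re.compile(
    r"\b(invoice|subscription|amount (?:owed|due)|payment|charged|renewal)\b", re.I)
PHONE = re.compile(r"(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}")

def triage(raw: str):
    """Return (verdict, reasons) for one RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    if sender not in FORMS_SENDERS:
        return "allow", []  # this rule only covers Forms response receipts
    part = msg.get_body(preferencelist=("plain", "html"))
    text = f"{msg.get('Subject', '')}\n{part.get_content() if part else ''}"
    reasons = []
    if BILLING.search(text):
        reasons.append("billing language in a form receipt")
    if PHONE.search(text):
        reasons.append("phone number in a form receipt")
    # One signal is worth a look; both together match the callback lure.
    return {0: "allow", 1: "review", 2: "quarantine"}[len(reasons)], reasons

# Constructed sample messages (fictional 555-01xx number, example.com addresses).
PHISH = """From: Google Forms <forms-receipts-noreply@google.com>
To: user@example.com
Subject: Invoice A-1001

Date of invoice: 2023-12-13
Amount owed: $399.99
To dispute this subscription, call +1 (555) 010-0199
"""
SURVEY = """From: Google Forms <forms-receipts-noreply@google.com>
To: user@example.com
Subject: Team lunch survey

Thanks for filling out Team lunch survey. Your answer: pizza
"""
VENDOR = """From: Billing <billing@example.com>
To: user@example.com
Subject: Invoice A-2002

Questions about this invoice? Call (555) 010-0123
"""

if __name__ == "__main__":
    for name, raw in (("phish", PHISH), ("survey", SURVEY), ("vendor", VENDOR)):
        print(name, triage(raw))
```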
Do you work in IT or have information about your IT department you want to share? Email [email protected].
It’s the new year, but we have one final order of business from 2023 to get through—namely, our “who’s in and who’s out” for the tech C-suite in December.
Chris Parkinson joined Signers National as CIO
Insurance company network Signers National hired Chris Parkinson as its new CIO on Dec. 14. Parkinson took over for Sal Abano, who’d been serving in that role alongside his duties as president. Parkinson will lead the company in its development of AI solutions, Signers said in a statement, as well as help his team “lead the next phase of technology and information advancements for Signers and its member companies.”
Parkinson came to the company with 30 years of C-suite tech experience. He was most recently SVP of IT for AmTrust Financial Services, capping off a nine-year career with the company.
Read more here.—EH
At CES 2024, IT Brew caught up with Rapid7 researcher Deral Heiland to talk IoT security. You can expect a fuller report later this month, but for now we wanted to share one of the vulnerabilities he’s worried about: IoT devices as an entry point.
IT Brew: Is it possible that someone could use IoT devices as a way to get into your home system?
Deral Heiland: The reality is, if there’s a vulnerability that would allow that level of attack on a device, then yeah, somebody could do that. Now, what would they gain? Often there’s not always a big gain for breaking into an individual homeowner’s system. At best, you’re gonna get data about them, you’re gonna get maybe bank information about them—and that’s a lot of work for that.
But coming out of Covid, or during Covid, we got into that work-from-home thing. So instantly, these home networks are an extension of your corporate networks…A lot of people are working from home. So that’s always a potential attack vector.—EH
Today’s top IT reads.
Stat: 117%. That’s the year-over-year increase in DDoS attacks during the holiday shopping season. (Cloudflare)
Quote: “This decision was not taken lightly, and we extend our deepest gratitude to those affected for their dedication and contributions.”—Kelly Ekins, Unity PR director, on the company’s layoffs, which will affect one-quarter of the company (The Verge)
Read: How does Getty’s new generative AI tool fare against the competition? (ZDNet)