Google and Microsoft are the most impersonated brands in cyber attacks, according to research by Barracuda Networks.
Google file sharing and storage websites were used in 65% of the 100,000 form-based attacks detected by Barracuda in the first four months of this year.
The fraudulent domains included storage.googleapis.com (25%), docs.google.com (23%), storage.cloud.google.com (13%), and drive.google.com (4%).
Microsoft brands were utilized in 13% of the detected attacks. The frauds included onedrive.live.com (6%), sway.office.com (4%), and forms.office.com (3%).
The other impersonated brands included sendgrid.net (10%), mailchimp.com (4%), and formcrafts.com (2%).
All other sites constituted 6% of form-based attacks.
There were 28,275 form-based attacks in January, 18,376 in February, 27,373 in March an 24,508 in April, according to Barracuda.
Cyber criminals rely on three main tactics in form-based attacks:
Barracuda advises firms to protect themselves with API-based inbox defense, multi-factor authentication and security education.