Cybercriminals Exploit Gmail Feature to Scale Up Attacks
According to new research by Agari, threat actors are currently taking advantage of a Gmail feature in a variety of scams, such as BEC scams, filing phony tax returns, submitting fraudulent applications for unemployment benefits and filing requests for other forms of government assistance, like FEMA disaster aid.
The exploited Gmail feature makes it possible to use dotted variations of a specific email address for the same account. For instance, emails being addressed to email@example.com; firstname.lastname@example.org and email@example.com will all be forwarded to the inbox of firstname.lastname@example.org. While the idea behind this feature is to prevent someone from mimicking another person’s username, cybercriminals are using it to manage large amounts of “dotted” email addresses, which can be used to create different user accounts on various websites, while still managing everything in the same inbox.