Example

Check Point Research has detected a new and advanced phishing of credentials used Firebase, a platform widely used to house web applications. This fraudulent method consists in the creation of false pages that mimic legitimate services with a high level of professionalism, which facilitates deception to users.

Cybercriminals have perfected their strategy when using committed email suppliers to insert Phishing links into existing conversations. This tactic significantly increases the credibility of the message, since the links seem to come from reliable sources. Clicking, the victims are redirected to fraudulent pages designed to capture their access credentials.

The use of Firebase to house these false pages allows attackers to exploit the confidence that security platforms have in this technology. In this way, conventional security measures may not detect threat easily. Once users enter their credentials on the malicious page, cybercounts get access to their accounts and sensitive data.

The attackers use Firebase to accommodate Phishing websites that mimic legitimate services

“The use of trusted platforms such as Firebase to house phishing attacks represents an evolution in cybercriminal tactics. It is essential that companies adopt a proactive approach to cybersecurity, combining advanced technology with continuous training for their employees,” says Eusebio Nieva, technical director of Check Point Software for Spain and Portugal.

Phishing with Firebase: Security recommendations

This type of attack has mainly affected organizations in the United States (53%), followed by the European Union (23%), the Middle East (22%) and Australia and the Asia-Pacific region (15%). The consequences can range from data filtration to financial losses and reputational damages.

To reduce the risk of this type of threats, Check Point Research recommends:

  • Implement advanced safety solutions for emails, capable of detecting phishing attempts.
  • Enable multifactor authentication (MFA) in all accounts.
  • Integrate threat intelligence into corporate safety infrastructure to improve real -time detection and response.
  • Inform safety equipment on possible undue uses of Firebase and immediately report them to service providers.
Alex Chen
Alex Chen

Alex Chen serves as the chief editor of Asia Tech Journal, bringing over a decade of experience in technology journalism. Previously writing for several globally renowned publications, Alex is celebrated for his insightful analyses and in-depth reporting on tech trends across Asia. Passionate about innovation, Alex specializes in the dynamic technology ecosystem of China and its global impacts.