Fake Google Meet invitation, fake Microsoft Store, real malware attack

Sublime's Attack Spotlight series highlights the increasing sophistication of email threats, particularly through fake virtual meeting invitations, often exploiting platforms like Google Meet, Microsoft Teams, and Zoom. A recent attack involved a fake Google Meet invite from a newly registered domain, leading recipients to a fraudulent page that mimicked a Google Meet interface. This page prompted targets to download a malware-laden file disguised as a Google Meet installer, which, when executed, installed the Teramind remote monitoring tool, giving attackers control over the victim's system and notifying them via Telegram. The attack leveraged common tactics such as lookalike domains and intentional misspellings to evade detection, while Sublime's AI-powered detection engine effectively identified and neutralized the threat, underscoring the importance of advanced email security measures in combating these deceptive schemes.