Why ThreatMark
Solutions
Solutions
- Scams & Social Engineering
  Intercept deceptive schemes and protect customers from scams.
- Phishing Detection & Mitigation
  Mitigate financial fraud with an proactive defense against phishing attacks.
  - Credential Theft
- Account Takeover
  Prevent unauthorized access and safeguard customer accounts.
- Money Mules
  Identify money mule accounts before fraudster can cover their tracks.
- New Account Fraud
  Detect new account fraud with advanced behavioral biometrics.
- Transaction Risk Analysis
  Balance security and UX with the application of stringent security measures.
- Department
  ThreatMark supports the unspoken heroes in the fight against fraud.
ThreatMark Platform
ThreatMark Platform
- Behavioral Intelligence Platform
  Bolster fraud prevention with constant monitoring of the now.
- ScamFlag
  GenAI scam detection built into your banking app.
- Smart Insights
  Gain expert insight for accurate detections and fewer false positives.
- Cyber Fraud Fusion Center
  Cyber Fraud Fusion Center stands at the forefront of fighting cyber threats.
- FraudIntel
  Enabling detection of cross-border fraud schemes in real time.
Modern fraud demands a modern solution.

In this world of constantly increasing fraud threats, we’ve reimagined protection. Combining transaction risk analysis, threat detection, and user behavior profiling capabilities in one integrated platform.
Resources
Resources
Bringing trust to the digital world

The landscape of cyber threats is constantly evolving; stay ahead of the curve with ThreatMark.
Company
Company
- About Us
- Careers
- Partners
- Contact Us
Built to disrupt the fraud infrastructure.

Fraudsters don’t stand still, so neither do we.

Talk to a fraud fighter

Talk to a fraud fighter

Home Phishing using Google App Engine rising across Europe — ThreatMark sounds the alarm

Phishing using Google App Engine rising across Europe — ThreatMark sounds the alarm

January 4, 2021

As seen in IDTechWire, ThreatMark has identified a growing phishing trend in Europe that exploits Google App Engine to host scam sites targeting banks.

Attackers are abusing the trust baked into Google App Engine: all apps deployed there get SSL certificates automatically, and their subdomains (like appspot.com) are generally trusted by browsers and many security tools.
The structure of these phishing URLs is highly dynamic, which helps evade detection. For example, variants like VERSION_ID-dot-PROJECT_ID.appspot.com allow attackers to generate many different subdomains under a single campaign.
ThreatMark reports these attacks are already affecting multiple banks across Central & Eastern Europe.

ThreatMark encourages financial institutions to search their logs for suspicious substrings (e.g. “dot-srtrkr.appspot.com”) and to monitor for patterns in domain activity. In many instances, reports to Google have led to fast takedowns of phishing sites once identified.

Read the full article in IDTechWire for more details on how phishing campaigns are evolving — and what organisations can do to stay ahead: ThreatMark Raises Alarm Over Phishing Attacks Through Google App Engine