We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: Holiday.com, ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: Holiday.com, ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Hackers Exploit Google Classroom to Target 13,500 Organizations

Hackers Exploit Google Classroom to Target 13,500 Organizations
Author Image Andrea Miliani
Andrea Miliani Published on August 29, 2025 Cybersecurity Researcher

Researchers from the cybersecurity firm Check Point revealed that hackers had been exploiting Google Classroom to distribute over 115,000 phishing emails. The cybercriminals targeted approximately 13,500 organizations in Asia, Europe, the Middle East, and North America.

According to the report published by Check Point, the attackers sent fake invitations containing commercial offers from Google Classroom accounts in five separate waves over the course of a week.

By creating fraudulent classrooms on Google’s platform, the malicious actors were able to send deceptive emails from accounts that included the “classroom.google.com” domain in the address.

“The deception works because security systems tend to trust messages originating from legitimate Google services,” explained the researchers. “By piggybacking on Google Classroom’s infrastructure, attackers were able to bypass certain traditional security layers, attempting to reach inboxes at more than 13,500 companies before defenses were triggered.”

The 115,000 emails were sent between August 6 and 12 and contained clear calls to action, encouraging victims to contact the attackers via WhatsApp to learn more about multiple commercial offers, ranging from SEO services to product reselling pitches.

Researchers were able to contain the attacks by detecting and blocking the phishing attempts, preventing further emails from reaching additional victims.

Check Point highlights the value of implementing multi-layered defenses to avoid such attacks. They also recommended that organizations train employees, use AI-powered threat detection, monitor cloud applications, and remain alert to social engineering campaigns.

“Attackers continue to find creative ways to exploit legitimate services like Google Classroom to gain trust, bypass defenses, and reach targets at scale,” states the report. “This campaign highlights how easily cyber criminals can weaponize digital platforms for fraud.”

Cybercriminals have recently exploited other Google products for phishing campaigns as well. Earlier this year, Check Point researchers revealed another large-scale phishing campaign that abused Gmail, Google Calendar, Drawings, Forms, and other services, sending more than 4,000 malicious emails.

About the Author

Andrea is a seasoned tech journalist with a growing passion for cybersecurity, covering cyberattacks, AI breakthroughs, and the latest trends shaping the future of technology.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

This field must contain more than 50 characters

The field content should not exceed 1000 letters

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Special characters are not allowed in the Name field

Please enter a valid email address