Security News > 2021 > June > Threat Actors Use Google Docs to Host Phishing Attacks
Threat actors are exploiting Google Docs by hosting their attacks within the web-based document service in a new phishing campaign that delivers malicious links aimed at stealing victims' credentials.
The attack begins with an email that includes a message that could be relevant to business users who commonly use Google Docs within their corporate environment.
"It's a custom HTML page made to look like that familiar Google Docs share page."
If a user clicks, the page redirects to the actual malicious phishing website, which steals the victim's credentials using another web page made to look like the Google Login portal but which is actually hosted from a URL clearly not affiliated with the tech giant.
First an attacker would write a web page that resembles a Google Docs sharing page, and then upload that HTML file to Google Drive.
Once the file is scanned, Google renders the HTML into a preview page that looks very much like a typical Google Docs page.
News URL
https://threatpost.com/google-docs-host-attack/166998/
Related news
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Samsung phone users under attack, Google warns (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- AI-Assisted Attacks Top Cyber Threat For Third Consecutive Quarter, Gartner Finds (source)