Security News > 2021 > June > Threat Actors Use Google Docs to Host Phishing Attacks

Threat actors are exploiting Google Docs by hosting their attacks within the web-based document service in a new phishing campaign that delivers malicious links aimed at stealing victims' credentials.
The attack begins with an email that includes a message that could be relevant to business users who commonly use Google Docs within their corporate environment.
"It's a custom HTML page made to look like that familiar Google Docs share page."
If a user clicks, the page redirects to the actual malicious phishing website, which steals the victim's credentials using another web page made to look like the Google Login portal but which is actually hosted from a URL clearly not affiliated with the tech giant.
First an attacker would write a web page that resembles a Google Docs sharing page, and then upload that HTML file to Google Drive.
Once the file is scanned, Google renders the HTML into a preview page that looks very much like a typical Google Docs page.
News URL
https://threatpost.com/google-docs-host-attack/166998/
Related news
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Outsmarting Cyber Threats with Attack Graphs (source)
- Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Who's calling? The threat of AI-powered vishing attacks (source)