Security News > 2021 > June > Threat Actors Use Google Docs to Host Phishing Attacks

Threat Actors Use Google Docs to Host Phishing Attacks
2021-06-17 13:00

Threat actors are exploiting Google Docs by hosting their attacks within the web-based document service in a new phishing campaign that delivers malicious links aimed at stealing victims' credentials.

The attack begins with an email that includes a message that could be relevant to business users who commonly use Google Docs within their corporate environment.

"It's a custom HTML page made to look like that familiar Google Docs share page."

If a user clicks, the page redirects to the actual malicious phishing website, which steals the victim's credentials using another web page made to look like the Google Login portal but which is actually hosted from a URL clearly not affiliated with the tech giant.

First an attacker would write a web page that resembles a Google Docs sharing page, and then upload that HTML file to Google Drive.

Once the file is scanned, Google renders the HTML into a preview page that looks very much like a typical Google Docs page.


News URL

https://threatpost.com/google-docs-host-attack/166998/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 141 994 4922 2872 1623 10411