
Threat actors are now using Google Docs to send malicious phishing emails.
The emails, which resemble notifications sent by Google Docs, appear to be trustworthy to employees working remotely, Bleeping Computer reports. The scam apparently began last October.
“Since Google itself is being ‘tricked’ into sending out these emails, the chances of email security tools tagging them as potentially risky are practically zero,” Bleeping Computer writes. The result: malicious links that lead to malware.
In one instance, the email says:
“……..mentioned you in a comment.”
The threat is being monitored by Avanan, a threat analyst company.
This ongoing spear-phishing campaign uses over 100 Google accounts and has already hit 500 inboxes across 30 organizations, Bleeping Computer says.
The trick also works on Google Slides and Google Workspace.
“To make things worse, attackers don't have to share the document with their targets since mentioning them is enough to send malicious notifications,” Bleeping Computer continues.
The threat actors “appear to favor Outlook users, but the target demographic is not limited to them,” it adds.
According to Bleeping Computer, employees are advised to confirm that an email matches the person it claims to come from, and to avoid clicking on links that arrive via email and are embedded in comments.