According to Avanan, cyber-criminals have found a way to create convincing phishing emails which abuse Google Drive and Docs functionality to bypass security filters.

Victims receive an email that contains a link to Google Docs. Once the victim clicks on that link, they will see Word document. As Avanan explained, this is actually an HTML page made to look like Google Docs page.

After clicking on the download button for the document, the victim will be redirected to a phishing website, where their credentials will be stolen.

According to Avanan, such an attack gives attackers every chance to bypass link scanners.

Source: securenews.ru