Just when we think we are safe using Google Docs, the hackers find a way to attack. I just saw this post from CyberheistNews with more info:
Attackers are using a new technique to exploit Google Docs for phishing attacks, according to researchers at Avanan. The attackers take advantage of the fact that Google Docs automatically renders HTML code, so a Google doc can act as a landing page to direct the user to the real phishing page. The researchers describe one example in which the doc appeared to be a file share page.
"This Google Docs page may look familiar to those who share Google Docs outside of their organization," Avanan says. "This, however, isn't that page. It's a custom HTML page made to look like that familiar Google Docs share page.
The
researchers describe another attack in which the Google Doc itself
acted as a phishing page. This Doc appeared to be a DocuSign login page.
The login form contained an embedded listener that would send the
user’s password to the attacker.
Check out the full post here:
https://blog.knowbe4.com/attackers-abuse-google-docs-for-phishing-attacks
Be aware of these phishing scams to protect your information.
To Success!
Kathy Perry
Social Media Marketing
www.kathyperry.com