From hackread.com
Cybercriminals have started employing a new phishing attack that abuses the popularity of Google Drive and Docs to bypass security filters.
In a report published by the IT security researchers at Avanan, it has been revealed that threat actors are using a Google Docs exploit in a new phishing campaign.
The researchers explained how an attacker writes a webpage resembling that of Google Docs sharing page and uploads it on Google Drive which scans the file and automatically renders the HTML. Then, that file is opened through Google Docs where the attackers get the top version with the rendered images.