Scammers are leveraging a legitimate Google Drive collaboration feature to trick users into clicking on malicious links.
According to reports,, the recent attack stems from Google Drive’s
legitimate collaboration feature, which allows users to create push notifications or emails that invite people to share a Google doc. Attackers are abusing this feature to send mobile users Google Drive notifications that invite them to collaborate on documents, which then contain malicious links.
Because they are sent via Google Drive, the notifications come from Google’s no-reply email address, making them appear more legitimate. Other iterations of the attack are sent via email (instead of by notification) and include the malicious link right in the email.
“Interesting TTP utilising Google Sheets, ultimately ending up with generic prize scams,” said a cybersecurity expert who goes by Jake (or @JCyberSec)
on Twitter. “Google sheets slide was shared with an email address causing a pop-up notification on mobile.”
threatpost.com
