Cybercriminals have launched a new campaign leveraging legitimate Google Drive features to trick unsuspecting users into opening malicious links. The feature allows the attackers to create push notifications or emails that ask the recipient to share a Google Doc. This then lets the cybercriminals to distribute malicious links via a service known as legitimate to users. The malicious links are also sent through Google Drive, meaning that the notifications don’t come from the attackers and rather from Google’s no-reply address.
WIRED reported that the attack is targeting hundreds of thousands of Google users, with notifications being sent in both Russian or broken English. Although the email notifications contain various lures, many of them masquerade as “personal notifications” from Google Drive, informing the victim that they haven’t signed into their account in a while. The email then threatens to delete the account if the user does not sign in using the malicious link in the email.
Read More: Scammers Abuse Google Drive to Send Malicious Links