CyberNews Briefs

Scammers Abuse Google Drive to Send Malicious Links

Cybercriminals have launched a new campaign leveraging legitimate Google Drive features to trick unsuspecting users into opening malicious links. The feature allows the attackers to create push notifications or emails that ask the recipient to share a Google Doc. This then lets the cybercriminals to distribute malicious links via a service known as legitimate to users. The malicious links are also sent through Google Drive, meaning that the notifications don’t come from the attackers and rather from Google’s no-reply address.

WIRED reported that the attack is targeting hundreds of thousands of Google users, with notifications being sent in both Russian or broken English. Although the email notifications contain various lures, many of them masquerade as “personal notifications” from Google Drive, informing the victim that they haven’t signed into their account in a while. The email then threatens to delete the account if the user does not sign in using the malicious link in the email.

Read More: Scammers Abuse Google Drive to Send Malicious Links

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.