A group of analysts from Anavan has issued an alert about a new phishing campaign that uses Google Docs and is particularly insidious and effective. In their report, they identify the attack vector as an e-mail message containing a link to a document uploaded to docs.google.com, together with an invitation to download it. As in the past, attackers exploit the service's popularity and its recognized reliability to create lures with little effort and obtain victims' personal data. Because the e-mail is sent by the Google Docs service itself, it easily bypasses the filters on corporate mailboxes: it is neither recognized nor blocked as a phishing or scam attempt.
Using the feature for sharing and publishing documents through links, the attacker embeds in the file a redirect to a counterfeit login page designed to look identical in every respect to the Google services sign-in page, in order to steal the credentials of the unsuspecting victim. Only by checking the URL of this final page is it possible to notice the phishing attempt, but, as often happens in phishing, human error is the main element of vulnerability.
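The URL check described above can be automated rather than left to the reader's eye. The following is an added example, not code from the report: it assumes `accounts.google.com` is the only origin accepted as a genuine Google sign-in page, and the function name and sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the only origin accepted as a real Google sign-in page.
TRUSTED_SIGNIN_HOSTS = {"accounts.google.com"}

def check_signin_url(url):
    """Return (ok, reason) for the URL of a page that shows a Google login form."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # lowercased, without any user:pass@ prefix or port
        port = parts.port      # raises ValueError on a malformed port
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme != "https":
        return False, "not HTTPS"
    if not host:
        return False, "no host"
    if port not in (None, 443):
        return False, "non-default port"
    host = host.rstrip(".")  # tolerate a fully qualified trailing dot
    if host in TRUSTED_SIGNIN_HOSTS:
        return True, "exact match for trusted sign-in host"
    if not host.isascii():
        return False, "non-ASCII host (possible homograph)"
    if "google" in host:
        return False, "brand name in a host other than the sign-in origin"
    return False, "unrelated host"

# Constructed sample URLs (not indicators from the report).
SAMPLES = [
    "https://accounts.google.com/signin/v2/identifier",
    "https://accounts.google.com.login.example/signin",  # brand as a subdomain label
    "https://accounts.google.com@login.example/",        # brand in the userinfo part
    "https://accounts.g\u043e\u043egle.com/signin",      # Cyrillic 'o' look-alikes
    "http://accounts.google.com/",                       # right host, no TLS
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(check_signin_url(u), ascii(u))
```

The comparison is an exact match on the parsed hostname, so a brand name appearing anywhere else in the URL (subdomain label, userinfo, path) never counts as a match.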