Google Apps Script abused to launch dangerous phishing attacks
techradar.com
- Hackers are hosting fake invoices on Google Apps Script, experts warn
- The invoices are sent via email
- Victims are redirected to a fake Microsoft 365 login page
Threat actors have been seen abusing Google Apps Script to launch convincing phishing attacks and steal people’s Microsoft 365 login details.
Cybersecurity researchers Cofense recently spotted one such campaign where Google Apps Script used to host a fake invoice.
First, the crooks would prepare the usual fake invoice phishing email. That email would carry a link to the invoice which, when hovered (or clicked) would point to script[.]google[.]com. That way, the criminals would create a false sense of legitimacy with the victims who might think the invoice was actually coming from Google or a Google-affiliated service.
M365 credentials
Clicking on the link opens a small landing page stating “you have one pending download available” and a ...
Copyright of this story solely belongs to techradar.com . To see the full text click HERE