![]() ![]() The shared document itself is not malicious, but it does link to another Google Docs document and a phishing URL. A scan of the message would reveal nothing untoward, as the embedded URL is a legitimate shared link to a genuine cloud service operated by Google. Importantly, the messages are not detected as malicious by EOP and are delivered to inboxes. While this is a clear sign that the emails are not what they seem, some employees would likely be fooled by the message. In this case, the name of the CEO was correct, but the email address used was different to the format used by the company. The account holder chooses who to share a file with and the system generates an email alert containing a link to the shared file. Google Drive allows files and collaboration requests to be easily sent to other individuals. The document had been shared via Google Drive and came with the message, “Important message from – CEO.” The emails, reported through Cofense Intelligence, impersonated the CEO of the company who was attempting to share an important document. ![]() A new phishing campaign has been detected that uses Google Drive links to avoid detection by Office 365 Exchange Online Protection and ensure messages are delivered to inboxes. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |