The attack lends Google credibility to fool security-trained users exploiting the trust users have with Google. This latest attack was built on previous techniques from last year by adding advanced code obfuscation.
In this phishing campaign, the attacker used Gmail to distribute e-mails containing links to unauthorised web pages hosted on Google Drive. The attacker is not conducting a man in the middle attack, he is simply abusing how the Google Drive publishing functionality works and then exploiting that for his own purposes.
Using Google Drive, attackers make it difficult for security solutions to find the attack using IP address blacklisting. Code obfuscation messes up the security detection process even more by hiding the HTML source code.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now