Cybercriminals are taking advantage of the Google name and the cloud to convince victims into handing over their login details. The phishing effort starts with spam emails that encourage recipients to click on a Firebase link inside the email. If the targets click on the link, they re taken to a supposed login page and prompted to enter their credentials which of course are sent directly to the cybercriminals. The campaigns were circulating globally, across a range of industries, but the majority of the hits have been in Europe and Australia.
Source: https://threatpost.com/crooks-tap-google-firebase-in-fresh-phishing-tactic/155967/