Attackers Fooled Google Spam Engine with Phishing Emails that Lured Victims to Google Drive-Hosted Malicious Web Pages used to steal users Credentials. Elastica researchers say the phishing emails were delivered successfully and undetected by Googles built-in spam engine. ElasticA: The attackers used JavaScript code obfuscation and compromised websites in order to steal end-user account credentials using Google services. The phishing Web pages have been reported to Google, but they are currently still active and have not yet been removed.”]
Source: https://informationsecuritybuzz.com/news/discovers-google-drive-based-phishing-campaign/