The Google Doc phishing scam conned over a million users this week. The attack tricked victims into clicking a link that gave attackers access to their Google Drive. The link actually initiates a process to give a phony app masquerading as “Google Docs” access to the user’s Google account. Some researchers are calling this attack a “game changer” that could be just the start of a new wave of attacks that take advantage of third-party authentication connections in the cloud services-based economy.”]
Source: https://www.darkreading.com/attacks-breaches/google-docs-phishing-scam-a-game-changer