Fraudsters are increasingly turning to public cloud services to host lure documents and phishing pages. Researchers at Check Point say attackers relied on Google Drive to host a malicious PDF document and Google s storage.googleapis[.]com to host the phishing page. A recent phishing campaign used Microsoft Azure, Microsoft Dynamics, and IBM Cloud. Researchers say victims are unlikely to spot the scam and at the end of the process a genuine PDF document from a reputable company is delivered.
Source: https://www.bleepingcomputer.com/news/security/phishing-campaign-uses-google-cloud-services-to-steal-office-365-logins/