A newly identified phishing campaign used Google Drive to help bypass some email security features as attackers attempted to target a company in the energy industry. The attackers used a tailored-made email that included the company logo, the CEO’s name and a previously disseminated business message to make it appear even more authentic, researchers say. Email body inspection tool did not examine the message past the first link, which allowed the email to be marked as non-malicious and passed on to employees along with the payload.”]
Source: https://www.cuinfosecurity.com/phishing-scheme-uses-google-drive-to-avoid-security-report-a-12924