A newly identified phishing campaign used Google Drive to help bypass some email security features as attackers attempted to target a company in the energy industry. The attackers used a tailored-made email that included the company logo, the CEO’s name and a previously disseminated business message to make it appear even more authentic, researchers say. The emails included the link to a Google Docs file as well as a fake login page, which allowed the attackers to bypass the security features built into Microsoft Exchange because the link came from an authentic and recognized business service.”]
Source: https://www.bankinfosecurity.com/phishing-scheme-uses-google-drive-to-avoid-security-report-a-12924