• Google Apps Script abused to launch dangerous phishing attacks

    From TechnologyDaily@1337:1/100 to All on Friday, May 30, 2025 15:30:08
    Google Apps Script abused to launch dangerous phishing attacks

    Date:
    Fri, 30 May 2025 14:29:00 +0000

    Description:
    Fake invoices were found being hosted on Google services.

    FULL STORY ======================================================================

    - Hackers are hosting fake invoices on Google Apps Script, experts warn
    - The invoices are sent via email
    - Victims are redirected to a fake Microsoft 365 login page

    Threat actors have been seen abusing Google Apps Script to launch convincing phishing attacks and steal people's Microsoft 365 login details.

    Cybersecurity researchers Cofense recently spotted one such campaign where Google Apps Script was used to host a fake invoice.

    First, the crooks would prepare the usual fake invoice phishing email. That email would carry a link to the invoice which, when hovered over (or clicked), would point to script[.]google[.]com. That way, the criminals would create a false sense of legitimacy with the victims, who might think the invoice was actually coming from Google or a Google-affiliated service.

    M365 credentials

    Clicking on the link opens a small landing page stating you have one pending download available and a preview button.

    The button leads to the actual malicious page, which mimics the Microsoft 365 login page, almost to the last detail. Those who don't spot the trick and try to log in end up relaying their login credentials straight to the attackers.

    To better hide their tracks, the crooks set up the page so that it redirects back to the actual Microsoft 365 site, as soon as the login credentials are provided.
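    The chain above starts with an emailed link whose real host is script.google.com, so one mail-side check is to parse each link's hostname and surface exact matches for review. The sketch below is an added example, not part of the original article or Cofense's report; the sample message, the keyword list, the EXAMPLE_ID placeholder and the link path shape are assumptions constructed for illustration.

```python
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlsplit
import re

APPS_SCRIPT_HOST = "script.google.com"  # host named in the article
LURE = re.compile(r"invoice|pending download", re.I)  # assumed keyword list

# Constructed sample message; addresses, ID and path shape are placeholders.
SAMPLE = """\
From: billing@vendor.example
Subject: Invoice ready for review
Content-Type: text/html; charset="utf-8"

<p>Please review the attached invoice.</p>
<a href="https://script.google.com/macros/s/EXAMPLE_ID/exec">View invoice</a>
<a href="https://script.google.com.billing.example/doc">Support</a>
<a href="https://www.vendor.example/contact">Contact us</a>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def triage(raw_email):
    """Return links whose parsed hostname is exactly the Apps Script host."""
    msg = message_from_string(raw_email, policy=default)
    body = msg.get_body(preferencelist=("html", "plain"))
    html = body.get_content() if body else ""
    lure = bool(LURE.search(f"{msg.get('Subject', '')} {html}"))
    collector = LinkCollector()
    collector.feed(html)
    return [{"href": h, "text": t, "lure_wording": lure}
            for h, t in collector.links
            if (urlsplit(h).hostname or "").lower() == APPS_SCRIPT_HOST]
```

    Comparing the parsed hostname rather than searching the URL string keeps look-alike hosts such as the second sample link out of the results; a hit is a prompt for review, since Apps Script links also appear in legitimate mail.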

    Google Apps Script is a cloud-based scripting platform that lets users automate tasks and extend Google Workspace apps like Gmail, Docs, Sheets, and Drive using JavaScript.

    For example, a teacher could have a Google Sheets file with student grades, and by using Google Apps Script, they would be able to send personalized emails automatically, saving hours of manual work.

    "Phishing emails like these are a good example of how attackers take advantage of legitimate domains to make their scams look more convincing," Cofense's researchers warned. "It is important to stay vigilant and educate employees about the risk of phishing attacks."



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/google-apps-script-abused-to-launch-dangerous-phishing-attacks


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)