Google Docs phishing scams are on the rise - here's what you need to know


Cybersecurity software company Check Point has identified a worrying new Google Docs phishing scam that is bypassing usual detection measures to get straight into victims’ inboxes.

The researchers refer to the phishing scam as an evolution of BEC (business email compromise) 3.0, or one that maliciously uses legitimate sites to get access to a target’s mailbox.

With so many companies now favoring Google Workspace’s office software, the scam’s potential for reaching workers is especially troubling.

Google Drive phishing scam

Analysts say that all a threat actor needs to do is create a Google Doc. Inside the file, they can place any sort of attack they desire, including phishing links and URLs that redirect to malware.

From there, the Doc just needs to be shared with a victim via the typical Google Drive sharing process. Because the email then arrives via a genuine Google email address and domain, and not one that belongs to the scammer, victims are less likely to identify it as an attack.

Furthermore, detection and prevention tools are also more likely to trust emails from genuine services like Google.

Check Point says that this type of BEC attack uses a form of social engineering, leveraging a trusted service provider (in this case, Google) and a trusted process (document sharing).

Google was reportedly informed about the discovery earlier in July. It says this is not a novel attack method and that, as such, it already has strong protections to combat these types of tactics. A company spokesperson told TechRadar Pro:

"We have numerous layers of protections that protect our users from this class of attack, such as built-in warnings in Docs, and automatic scans in Drive that block the vast majority of phishing attempts."

In the meantime, Check Point advises security professionals to implement new and advanced measures that use artificial intelligence to spot multiple phishing indicators. File scanning software is also a good idea, as is URL protection.

Craig Hale