Hackers Exploiting Flaws in Google Docs’ Comments Feature

Campaign Difficult for Both Email Scanners and Victims to Flag

(Photo: Stephen Phillips – Hostreviews.co.uk via Unsplash)

A new wave of phishing attacks has been identified in which hackers exploit a vulnerability in the comments feature of Google Docs to deliver malicious phishing websites to end-users, reports security firm Avanan.

Starting in December 2021, Avanan, a Check Point company, observed a ‘massive wave’ of hackers leveraging the comment feature in Google Docs and other Google collaboration tools, primarily targeting Outlook users.

The wave hit more than 500 inboxes across 30 tenants, with hackers using more than 100 different Gmail accounts, say Avanan researchers.

“In this attack, hackers are adding a comment to a Google Doc. The comment mentions the target with an @. By doing so, an email is automatically sent to that person’s inbox. In that email, which comes from Google, the full comment, including the bad links and text, is included. Further, the email address isn’t shown, just the attackers’ name, making this ripe for impersonators,” says Jeremy Fuchs, cybersecurity researcher/analyst at Avanan.
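A defender-side triage of the notification behaviour described above, added here as an example and not code from Avanan or Google: it parses a comment-notification email, flags links that point outside Google, and flags a displayed commenter name that matches a colleague. The sender address, the "(Google Docs)" name suffix, the host allowlist and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumptions, not from the article: the notification sender address, the
# "(Google Docs)" display-name suffix and the hosts treated as Google-owned.
NOTIFIER = "comments-noreply@docs.google.com"
GOOGLE_HOSTS = ("google.com", "goo.gl", "gstatic.com")
URL_RE = re.compile(r"https?://[^\s\"'<>)]+", re.I)

def is_google_host(host):
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in GOOGLE_HOSTS)

def triage(raw, internal_names):
    """Return a list of (finding, detail) tuples for one notification email."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    if addr.lower() != NOTIFIER:
        return []  # not a comment notification; out of scope for this check
    findings = []
    # The recipient sees only a name, never the commenter's address, so a
    # name equal to a colleague's should be verified out of band.
    shown = re.sub(r"\s*\(Google Docs\)\s*$", "", display).strip().lower()
    if shown in {n.lower() for n in internal_names}:
        findings.append(("name-matches-internal-user", shown))
    body = ""
    for part in msg.walk():  # handles single-part and multipart messages
        if part.get_content_maintype() == "text":
            body += (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
    for host in sorted({urlparse(u).hostname or "" for u in URL_RE.findall(body)}):
        if not is_google_host(host):
            findings.append(("external-link-in-comment", host))
    return findings

# Constructed sample message (not a captured email).
SAMPLE = """\
From: "Pat Lee (Google Docs)" <comments-noreply@docs.google.com>
To: victim@example.com
Subject: Pat Lee mentioned you in a comment
Content-Type: text/plain; charset=utf-8

Pat Lee mentioned you: @victim@example.com please review
http://login.example.net/verify before Friday.
Open: https://docs.google.com/document/d/PLACEHOLDER/edit
"""
```

Because the mail genuinely originates from Google, sender-authentication results do not separate these messages from benign notifications; the checks above look at the comment content and the displayed name instead.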

Google Docs is an online word processor included as part of the free, web-based Google Docs Editors suite offered…