Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



Fresh Warnings Issued Over Abuse of Google Services

U.S. government agencies and cybersecurity companies are warning users and organizations about cybercriminals abusing Google services to achieve their goals.

FBI warns about Google Voice abuse

U.S. government agencies and cybersecurity companies are warning users and organizations about cybercriminals abusing Google services to achieve their goals.

FBI warns about Google Voice abuse

Google Voice is a service that provides Google customers a phone number that they can use for calling, text messaging and voicemail. It can be used to make free PC-to-phone calls within the U.S. and Canada.

Scammers have been contacting people who sell things on online marketplaces such as Craigslist, claiming to be interested in the item. However, before making a purchase, they claim they want to make sure the seller is a real person so they send them a text message with a Google Voice verification code and ask them to provide that code.

Once they have obtained the verification code, the scammer can create a Google Voice number linked to the victim’s real phone number. They can then use the phone number to scam others and hide their identity. The verification code can also be used to access and hijack the victim’s Gmail account, the FBI said.

The Federal Trade Commission (FTC) issued a warning for these Google Voice scams in late October, and the FBI issued a fresh warning this week, along with advice on how people can avoid getting scammed and how they can regain control of the Google Voice account.

Avanan warns of Google Docs abuse

Advertisement. Scroll to continue reading.

Email security company Avanan on Thursday warned that threat actors have been abusing Google Docs to deliver phishing websites and malware.

Attackers are creating a Google Docs document and adding a comment that mentions the email address of the targeted user. The target automatically receives an email from Google informing them about the comment.

The email includes the attacker’s comment, which can be a link to a malicious website, accompanied by a piece of text that attempts to convince the victim to click on the link.

Google Docs abused for phishing and malware delivery

This technique has been used since at least August 2020, and Google at the time promised to take measures. However, Avanan says Google still hasn’t fully addressed the issue and a new attack wave mainly targeting Outlook users was spotted by the cybersecurity firm in December 2021.

The company said the campaign had hit more than 500 inboxes across 30 tenants, with the attackers leveraging over 100 Gmail accounts.

“There are several ways that make this email difficult for scanners to stop and for end-users to spot,” Avanan explained. “For one, the notification comes directly from Google. Google is on most Allow Lists and is trusted by users. Secondly, the email doesn’t contain the attacker’s email address, just the display name. This makes it harder for anti-spam filters to judge, and even harder for the end-user to recognize.”

Related: Google Sees Increase in COVID-19 Phishing in Brazil, India, UK

Related: Google Sees Drop in Government-Backed Phishing Attempts

Related: Google Docs Phishing Scam Doused After Catching Fire

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...