<ul><li>Hackers are using Google Apps Script to host fake invoices and launch phishing attacks targeting Microsoft 365 login details.</li><li>Victims receive phishing emails with links to fake invoices hosted on script[.]google[.]com, creating a false sense of legitimacy.</li><li>Clicking on the invoice link leads to a landing page mimicking a Microsoft 365 login page, where victims unknowingly provide their login credentials to attackers.</li><li>Criminals set up the phishing page to redirect back to the actual Microsoft 365 site after collecting the login credentials to hide their tracks.</li></ul>

Google Apps Script abused to launch dangerous phishing attacks

Discover more