New Report Shows that Threat Actors Use Google Docs Comment Feature to Send Malicious Links

In December 2021, a new phishing trend emerged, with cybercriminals exploiting the Google Docs commenting feature to send out emails that seemed legitimate.

Before that,

In June, Avanan reported on an exploit in Google Docs that allowed hackers to easily deliver malicious phishing websites to end-users. Now, hackers have found a new way to do the same thing.

Last October, it was reported that hackers could easily send malicious links through comments in Google apps like Docs and Slides. This known vulnerability has not been fully closed or mitigated by Google since then.


Because many employees who work or collaborate remotely use Google Docs, most recipients of these emails are familiar with such notifications. And because Google itself is tricked into sending the emails, the likelihood of them being flagged as possibly dangerous is essentially nil.

The Attack

The recently published Avanan study explains that in this type of attack, cybercriminals post a comment to a Google Doc. The comment mentions the victim with an @.

An email is automatically sent to the target’s inbox as a result of this action. The entire comment, including the malicious links and content, is
