In the second quarter of 2019, scammers were making active use of cloud-based data storage services such as Google Drive and Google Storage to hide their illegal content. The reasoning behind this is simple: a link from a legitimate domain is seen as more trustworthy by both users and spam filters. Most often, such links point to text files, tables, presentations, and other documents containing text and a link, say, to an advertised product or phishing page.
Also this past quarter, cybercriminals actively used Google Calendar to send out invitations to non-existent meetings, adding phishing links to fields filled out by the organizer.
Through Google Photos, fraudsters shared photos accompanied by a comment containing information about a money transfer and a contact email address. It’s a traditional scheme: before receiving the promised money, the victim is asked to pay some kind of “service fee”, whereupon the attackers vanish into thin air.
Source: Kaspersky Lab