Phishing Campaign Weaponizes Google Docs Feature
The attack starts with the hacker adding a comment to a Google Doc, which mentions the target with an @. This ensures that the email, including the bad links and texts in the entire comment, is sent directly to the target’s inbox.
