www.malwarebytes.com/blog/news…
Attackers are sending highly convincing fake “Google” emails that bypass spam filters, route victims through multiple trusted Google-owned services, and ultimately direct them to a look-alike Microsoft 365 sign-in page designed to harvest usernames and passwords.
Researchers found that cybercriminals used Google Cloud Application Integration’s Send Email feature to distribute phishing messages from a legitimate Google address: noreply-application-integration[@]google[.]com.
