Cybercriminals are exploiting Google Cloud’s Application Integration service to send phishing emails that appear legitimate, bypassing traditional security filters. These emails mimic routine notifications like voicemail alerts or file access requests, convincing recipients to click on malicious links. The links redirect users to a fake Microsoft login page to steal their credentials. The attack, which targeted over 3,000 organizations across various industries, took advantage of Google’s trusted infrastructure to make the phishing attempts more convincing. Google has since blocked the abuse of its service and is working on additional safeguards.