Web-based word processor Google Docs is being actively exploited to disguise dangerous web domains, as cybercriminals have found a way to conceal attacks behind standard Google Doc's URLs, which can be delivered to victims via email without triggering security software. The loophole can be exploited to redirect victims through to malicious web pages, which could be set up to siphon personal details and account credentials, or rigged with malware.