Using services that offer Cloud Storage services such as Google and Microsoft

Attackers aim to get users to click on Google or Microsoft disk addresses by downloading malicious files to the drive. 



**Using services that allow creating free subdomains such as Microsoft, Wordpress, Blogspot, Wix**

    Attackers use these services to create a free subdomain in an effort to trick security software and analysts. Since a subdomain cannot be used to check for whois information, it is clear that these addresses have already been acquired and belong to organizations like Microsoft and Wordpress. 

Form Applications

    There are services that enable free form creation.

Attackers employ these services as opposed to setting up their own fishing site. The domain can reach the user without getting caught in antivirus software because it is safe to use normally. An illustration of these services is Google Form. The attacker can deceive analysts by making the domain appear to be Google when looking at whois information.