Sorry for the too short post.
Today our admin found suspicious emails while analyzing blocked emails on our mail server. Along with the text about bored girls, there was such a link in the letter:
(it is better to click in incognito mode)
https://script.google.com/macros/s/AKfycbyH1OnBBjKdW3KIeveVeG6WB1eat_cAwHnq8m_7OWTkejNKTg7H6jfzI25YwhstjLaEfQ/exec?b3VkYX0Jkb5YmWg=
After a click, Google captcha opens for a moment, then an automatic redirect to the attackers' site takes place.
It looks like they are using some kind of hole in Google scripts to mask phishing and simply suspicious URLs.
Are there Google or Kaspersky employees? Who should I send this information to?