Google Docs Phishing Scam Emphasizes Safe Email Habits

09 May, 2017, 03:41 | Author: Kristi Walker
  • Google Docs Phishing How you can make your Google account secure

This particular attack tricked users into authorizing access to the fake Google Doc application through a mechanism called OAuth, and then attempted to gain more victims by sending the same message to everyone on the user's contact list.

We realize people are concerned about their Google accounts, and we're now able to give a fuller explanation after further investigation.

However, experts say it was actually a phishing scam dreamed up by a college student. But in a statement late Wednesday, Google said that while the campaign accessed and used contact information, no other data was apparently exposed.

Upon detecting last week's attack, Google "immediately responded with a combination of automatic and manual actions that ended this campaign within an hour", Risher wrote in the post.

Users don't have to take additional action, although Google encouraged those who want to be extra safe to run its security check feature.

Although 0.1 percent of Gmail users sounds small, it's likely well over 1 million people, since Google reported that Gmail had 1 billion users as of February 2016. But it's a good excuse to check your Google account to verify everything connected to it. Once clicked, your information could be compromised.

What was scarier is that when he clicked the link, it took him to a very real-looking Google.com URL that masks itself as a sign-in sheet.

That's why it's important to use different passwords for different sites and even occasionally change them. Google lets you generate passwords for apps that don't support its two-step verification system, but there's no need for them in any Google-branded apps in iOS 8.3 or later, and OS X 10.10.3 Yosemite or later. Any affected end-user who continues to have his account's access requires doing the things that would obliterate the bogus application's permissions following which he must reset his password.

It's not the first time attackers have used Google's OAuth for phishing.

Recommended:



Popular

Man 'Crushed' By Obese Passengers Sues Airline
His attorney said the wide-body case could lead to a push for airlines to make their economy class more comfortable. Wollongong man Michael Anthony Taylor is seeking more than $100,000 in damages from American Airlines.

Swansea the big winners as EPL relegation fight heats up
Palace are still anxiously looking over their shoulders at the teams below them, sitting four points above Hull. The 20-year-old came off the bench for the last 12 minutes, replacing Mason Holgate, and he did not disappoint.

Panel Rebukes United, Other Airlines Over Passenger Treatment
David Dao, a passenger on a United flight, was treated "in a way that no customer - no individual - should ever be treated". Police were summoned, and Dao, 69, was dragged bloodied from the flight as other passengers captured the scene on video.