04 May 2017, USA:
Be extra careful today if you’re using Gmail. Google has confirmed that Google Docs users were hit by a major phishing attack, which arrived in users’ inboxes posing as an email from a trusted contact and asked them to check a Docs file. The fast-spreading phishing attack has targeted around 100 crore users.
A legitimate Google Docs invitation asks you to edit a document and shows the blue Google Docs logo next to the doc name. The bogus e-mail that went out Wednesday, which USA TODAY received, doesn’t state the name of the doc, nor does it show the Google Docs logo.
Phishing (or malware) Google Doc links that appear to come from people you may know are going around. DELETE THE EMAIL. DON’T CLICK. pic.twitter.com/fSZcS7ljhu
— Zeynep Tufekci (@zeynep) May 3, 2017
This big phishing attack is clever; an OAUTH based attack. Tricks you into giving “permission” to read your emails to a fake Google Docs app.
— Pwn All The Things (@pwnallthethings) May 3, 2017
“Google HR has sent you a job offer in Google Docs.”
Not today, Satan.
— SwiftOnSecurity (@SwiftOnSecurity) May 3, 2017
An official statement from Google, saying the attack has been stopped: “We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”
Gmail has introduced a new security feature on Android to help you keep your email safer. When you click on a suspicious link in a message, Gmail will show a warning prompt helping you keep your account safe.
The company stated in a blog post, “While not all affected email will necessarily be dangerous, we encourage you to be extra careful about clicking on links in messages that you’re not sure about. And with this update, you’ll have another tool to make these kinds of decisions.”
We’ve addressed the issue with a phishing email claiming to be Google Docs. If you think you were affected, visit https://t.co/O68nQjFhBL. pic.twitter.com/AtlX6oNZaf
— Google Docs (@googledocs) May 3, 2017
The attack was simple but sinister. You receive an email. It’s from someone who has emailed you before and happened to have you in their contacts. They were “sharing a document” with you. Click the button to open the document, and you’d see a seemingly innocent page — one hosted by Google, no less! It wouldn’t ask you for a password, and it already listed all of your accounts. The page was asking you to give a “Google Docs” app permission to read your email and contacts.
The trick: That “Google Docs” app wasn’t actually Google Docs at all, just one somehow masquerading under the name. Even if you were generally dubious of these sorts of things, it checked a lot of the right boxes. But click “allow” and bam — the mystery attacker now had inbox access and was forwarding the bait to everyone in your contact list.
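Existing OAuth grants can be audited for the pattern described above. The following is an added example, not code from Google or the original article: it flags third-party apps whose display name reads as a Google product while holding mail or contact scopes. The grant records are constructed, their field names (`clientId`, `displayText`, `scopes`, `userKey`) are assumed to follow an admin token listing, and the trusted client ID is a placeholder.

```python
import unicodedata

# Scopes that grant the mailbox and contact access the fake app asked for.
SENSITIVE_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/gmail.readonly",
    "https://www.googleapis.com/auth/contacts",
}
# Display names a user would read as first-party (illustrative list).
PROTECTED_NAMES = {"googledocs", "googledrive", "gmail"}
# Placeholder allowlist: fill with client IDs your organisation has verified.
TRUSTED_CLIENT_IDS = {"VERIFIED-CLIENT-ID-PLACEHOLDER"}


def normalize(name):
    """Fold case and compatibility forms; drop spacing and invisible characters."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return "".join(ch for ch in folded if ch.isalnum())


def suspicious_grants(grants):
    """Return grants whose name looks first-party but whose client is untrusted."""
    findings = []
    for g in grants:
        risky = sorted(SENSITIVE_SCOPES.intersection(g["scopes"]))
        lookalike = normalize(g["displayText"]) in PROTECTED_NAMES
        if lookalike and risky and g["clientId"] not in TRUSTED_CLIENT_IDS:
            findings.append(
                {"user": g["userKey"], "clientId": g["clientId"], "scopes": risky}
            )
    return findings


# Constructed sample grants (hypothetical users and client IDs).
SAMPLE_GRANTS = [
    {"userKey": "alice@example.com", "clientId": "constructed-unknown-app-1",
     "displayText": "Google Docs",
     "scopes": ["https://mail.google.com/",
                "https://www.googleapis.com/auth/contacts"]},
    {"userKey": "bob@example.com", "clientId": "VERIFIED-CLIENT-ID-PLACEHOLDER",
     "displayText": "Google Docs", "scopes": ["https://mail.google.com/"]},
    {"userKey": "carol@example.com", "clientId": "constructed-unknown-app-1",
     "displayText": "Google\u200b Docs",  # zero-width space hidden in the name
     "scopes": ["https://www.googleapis.com/auth/gmail.readonly"]},
    {"userKey": "dave@example.com", "clientId": "constructed-notes-app",
     "displayText": "Team Notes",
     "scopes": ["https://www.googleapis.com/auth/drive.file"]},
]
```

Each finding identifies the user and client ID whose grant should be reviewed and revoked if the app is not recognised.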