Thursday 4th May 2017
Even Google can be scammed

A new Google Docs phishing scam reared its head just hours ago and is spreading like wildfire. Google is taking action to stop it; however, be super, super wary of Google Docs invites for now. If you fall for this one (and plenty of otherwise eagle-eyed people have already), it’ll blast out the bait to everyone on your contact list!

Clicking the link takes you to a real Google-hosted page, with a list of your Google accounts ready to click. You are asked to select an account and grant account permissions to an app called “Google Docs” (amazingly, they were somehow allowed to name a third-party app “Google Docs”). As soon as you click the “ALLOW” button, this not-at-all-actually-Google Docs app has permission to read your emails and email all your contacts… the latter of which it’ll start doing pretty much immediately, spreading the worm to nearly everyone you’ve ever emailed.

This one is super sneaky; pretty much the only way to detect it before falling for it is to click the small “Google Docs” link on the actual Google-hosted page and notice that the developer info seems… off.
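The manual check above (who actually stands behind the app name, and what it asked for) can be run in bulk by an administrator over the third-party grants on users' accounts. This is an added example, not part of the original post and not Google's code; the record fields, client IDs, allowlist and the scope mapping are assumptions, and the sample grants are constructed.

```python
import unicodedata

# Assumed mapping of "read your emails / email your contacts" to Google OAuth scopes.
RISKY_SCOPES = {"https://mail.google.com/", "https://www.googleapis.com/auth/contacts"}
# Brand names a third-party app should not carry, in normalized form (assumed list).
PROTECTED_NAMES = {"googledocs", "googledrive", "gmail"}
# Hypothetical allowlist: client IDs already verified as the real first-party apps.
TRUSTED_CLIENT_IDS = {"first-party-docs.constructed.example"}

def normalize(name):
    """Fold case and compatibility forms, then drop spacing, punctuation and invisible characters."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return "".join(ch for ch in folded if ch.isalnum())

def review_grant(grant):
    """Return the reasons a grant needs review; an empty list means nothing was found."""
    if grant["client_id"] in TRUSTED_CLIENT_IDS:
        return []
    reasons = []
    name = normalize(grant["display_name"])
    if any(brand in name for brand in PROTECTED_NAMES):
        reasons.append("brand name on unverified client")
    if RISKY_SCOPES & set(grant["scopes"]):
        reasons.append("mail or contacts scope")
    return reasons

def triage(grants):
    """Flagged grants only, most reasons first, as (user, client_id, reasons)."""
    hits = [(g["user"], g["client_id"], review_grant(g)) for g in grants]
    return sorted((h for h in hits if h[2]), key=lambda h: -len(h[2]))

# Constructed sample records; the field names are hypothetical, not a Google API schema.
SAMPLE_GRANTS = [
    {"user": "alice@corp.example", "display_name": "Google Docs",
     "client_id": "first-party-docs.constructed.example", "scopes": ["https://mail.google.com/"]},
    {"user": "bob@corp.example", "display_name": "Google Docs",
     "client_id": "unknown-1.constructed.example",
     "scopes": ["https://mail.google.com/", "https://www.googleapis.com/auth/contacts"]},
    {"user": "carol@corp.example", "display_name": "Contoso Mail Merge",
     "client_id": "unknown-2.constructed.example", "scopes": ["https://mail.google.com/"]},
    {"user": "dave@corp.example", "display_name": "\uff27oogle\u200b-Docs",
     "client_id": "unknown-3.constructed.example", "scopes": ["openid"]},
]

if __name__ == "__main__":
    for user, client, reasons in triage(SAMPLE_GRANTS):
        print(f"{user}: review or revoke {client}: {', '.join(reasons)}")
```

The name comparison does not catch cross-script lookalike letters, so the scope check and the client allowlist carry the weight when a name is spelled with them.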

"Someone created a malicious app in the name Google Docs. While it had an official-sounding name, it was far from it. Since the awareness of phishing campaigns has been rising over the years, criminals have to increase their tactics to levels such as spoofing official apps such as Google Docs,” contributes Tyler Reguly, Manager, Security R&D, Tripwire. “Not only does this have a casual appearance of being legitimate, by being part of the official marketplace the link in the email went back directly to legitimate Google servers. For those that are trained to validate the link before clicking on it, this passes two of the common techniques the majority of internet users are trained to not click on every link they come across (does it come from someone you trust and validate the link is going to a trusted source).

"Once you click on the link, the application will ask for permissions to your email account. If granted, it will begin to use your account to send out further spam emails. At this time, there does not appear to be anything malicious in the sense of stealing sensitive data, however having your account compromised in this manner can still make you feel violated. If anyone clicked through and granted permissions, it is a simple process to remove the access. Navigate to and remove the permissions for the “Google Docs” application.

"One important thing to note. Within an hour of the initial report being posted to Reddit, Google had put a fix in place to mitigate the threat."

"Phishing attacks continue to plague businesses as it takes just one employee to possibly give hackers access to an entire network,” comments Brian Laing, Lastline VP. “While this latest attack is done well, it still is a relatively simple phishing attack, and should serve as a reminder to businesses that, despite all of the advanced malware and sophisticated attacks, criminals still sometimes use old schemes. Employees should be reminded to always be on their guard and look closely before entering credentials, clicking on links, or responding to suspicious emails. Should, or rather, when an employee falls victim to phishing, criminals are capable of using whatever is initially compromised, such as credentials, to eventually gain access to a system, or a network, and install malware to further the attack. Accordingly, it is imperative that businesses adopt advanced malware protection to quickly identify and mitigate sophisticated evasive malware in the unfortunate, but all too likely, event that an employee lets down their guard."

