Google confirmed that they are aware of the scam and have already taken action to protect users against an email impersonating Google Docs by disabling the offending accounts.
The scam used the same ingredients as other phishing scams: deceptive emails that get people to open the door to malware-embedded emails, which then spread themselves to others. The email would be sent from a known email address (possibly a colleague, family member or business contact) and would contain a link claiming that the sender is sharing a file via Google Docs.
By clicking on the link, the user is led to a real Google web address and prompted to authorise an application which the attacker named “Google Docs”. After the user grants the necessary permissions, the application is able to read or send emails on the user’s behalf. The application then sends the same email to everyone in the user’s contacts list in the hope that they will do the same.
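The consent step described above is something an administrator can audit after the fact. The following is an added example, not part of the original article or any Google tooling: it flags third-party app grants whose name imitates a Google product or that hold Gmail read/send scopes. The record layout, client IDs, watch list and allow-list are assumptions constructed for illustration.

```python
import unicodedata

# Gmail API OAuth scopes that let an application read or send mail.
MAIL_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/gmail.readonly",
    "https://www.googleapis.com/auth/gmail.modify",
    "https://www.googleapis.com/auth/gmail.send",
}
PROTECTED_NAMES = {"googledocs", "googledrive", "gmail"}  # assumed watch list
TRUSTED_CLIENT_IDS = {"trusted-client-id.example"}  # assumed admin-vetted placeholder


def normalise(name):
    """Fold case, compatibility forms and punctuation so lookalikes compare equal."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return "".join(ch for ch in folded if ch.isalnum())


def review_grant(grant):
    """Return the reasons a grant deserves review (empty list if none)."""
    if grant["client_id"] in TRUSTED_CLIENT_IDS:
        return []
    reasons = []
    if normalise(grant["app_name"]) in PROTECTED_NAMES:
        reasons.append("name imitates a Google product")
    mail = sorted(MAIL_SCOPES.intersection(grant["scopes"]))
    if mail:
        reasons.append("can read or send mail: " + ", ".join(mail))
    return reasons


# Constructed sample grants (hypothetical record layout, not a Google export).
SAMPLE_GRANTS = [
    {"user": "alice@example.com", "app_name": "Google Docs", "client_id": "unknown-1.example",
     "scopes": ["https://mail.google.com/", "https://www.googleapis.com/auth/contacts"]},
    {"user": "bob@example.com", "app_name": "Calendar Helper", "client_id": "unknown-2.example",
     "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
    {"user": "carol@example.com", "app_name": "Ｇoogle  Docs", "client_id": "unknown-3.example",
     "scopes": ["https://www.googleapis.com/auth/gmail.send"]},
]


def flagged(grants):
    """Map each user to the reasons their grant should be checked or revoked."""
    return {g["user"]: r for g in grants if (r := review_grant(g))}


if __name__ == "__main__":
    print(flagged(SAMPLE_GRANTS))
```

The third sample uses a full-width "Ｇ" and extra spacing to show why the name is normalised before comparison.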
The good news is that, as of today, May 5th 2017, the application and the online domains that the attackers were connected to have been taken down. However, time is a huge factor, and we think that the attackers have been successful to a certain level. This should also raise awareness among users, as this method of attack doesn’t target an organisation but instead targets everyone who has an email address.
Tips to defend yourselves from such attacks:
- Verify with the sender that they really did send the email
- You can read the email but don’t immediately click on the link/attachment, even though it appears to be from a trusted source
- Keep abreast of all the latest phishing scams going around. This week it’s fake Google Docs, next week it might be fake Facebook notification emails
- If you’re in an organisation, get the best managed IT services around and ensure that they have the best email/spam filtering
IntelliTeK are always up to date with the latest threats to networks and computers which is why we only partner with the best in the industry. If your company isn’t fully equipped to fend off cyber criminals, then get in touch with us so we can discuss your options. Call us on 1300 768 779, email us at info@intellitek.com.au, fill out the web form, or have a Live Chat with us below.