Google Docs hit with sophisticated phishing attacks
The attack, which as always aims to steal identifiers and personal information, is based on the sign-in system of Google Docs and, in particular, on an invitation to a shared document. An unusual computer attack that mimicked Google’s cloud-based document software spread across U.S. news organizations and other institutions on Wednesday.
Recipients who fell for the scam inadvertently gave the attackers access to their Google email messages and contact list.
Image: Google Docs users hit with sophisticated phishing attack in their inboxes (image credit: Getty Images)
Google Docs Invasion Trapped
This is an unusual attack that was identified by Internet users and Google’s teams on May 3, 2017, and it spread rapidly. It simply begins with an invitation to open a shared Google Docs document, the kind of invitation that we do not usually distrust. Once the invitation is opened, the page listing all of your Gmail accounts opens so that you can choose the one you want to use to open the document.
This is where the trap closes: instead of sending you back to Google services, the booby-trapped email makes you open an account on a fake page and, at the same time, harvests your identifiers. The invitation is then sent to all your contacts, which explains the extremely fast spread of the attack. Zach Latta of the Hack Club has made a short video showing in detail how this new phishing technique works.
Google reacted and the attack should be blocked
The Mountain View giant’s teams seem to have responded almost immediately: within a few hours, according to the official Google Docs Twitter account, they managed to block the attack in question. They also announced that they are now working to block all such attacks in the future.
It will nevertheless be necessary to be very careful when opening Google Docs invitations in the coming months, because other attacks of the same type may spread again. If you ever have any doubts, Google recommends that you check your Gmail accounts for access rights and login locations via this link: https://myaccount.google.com/secureaccount
Source: The Wall Street Journal, BBC News.