This is a great way to keep tabs on what has permissions to your account and where your account is being accessed. Performing the Security Checkup, linked above, on a regular basis.
Do not be afraid to ask for help if you are not sure if a link is safe. Taking a second look before clicking could save you or your organization a lot of time and money.
While Google quickly reacted to shut down this scam and disable the affected accounts, this method is likely to be seen again. Instead, you were being asked by Google to give permissions to an attacker. You were not directed to a page impersonating Google, as is typical for these types of attacks. What makes this attack significant is the malicious use of a real web app developed for Google accounts. Clicking ‘Allow’ will grant that Gmail user access to your account. Additionally, the attacker has permissions to your account which can be used for further attacks.Ĭlicking on the ‘Google Docs’ link on this permissions page reveals that the web app was developed by a miscellaneous Gmail account.
Granting these permissions will result in your account immediately sending the same email to everyone you have ever emailed. This extension is malicious and is not the real Google Docs.
#GOGOLE DOCS PHOISHING FULL#
The link leads to a legitimate Google page requesting full permissions for an extension called ‘Google Docs’ to your email and contacts. This is an indicator of an illegitimate email. This email looks legitimate but you can see it includes an unexpected ‘To:’ address as shown below. The scam starts with an email from someone that has sent you an email before, who had likely been recently compromised. If you granted the permissions, the attacker had the ability to read and send from your email account as well as manage your contacts. The email appeared to be sharing a Google Doc and contained a link to a legitimate Google webpage, requesting permissions to your account. Phishing Tip: To avoid becoming a victim of a phishing attack (when scammers try to obtain people's personal and financial information), never click on a link or attachment in an email from a sender you don't recognize.Yesterday afternoon a unique phishing attack impersonating Google Docs quickly began spreading via email. In the example posted, the send er is urging the recipient to click on the Google Doc. The user may not notice anything suspicious, but logging in could have big consequences for their bank account. The page will redirect to an actual Google Docs document.
#GOGOLE DOCS PHOISHING PASSWORD#
If the user logs in on the fake Google Drive site, their username and password are sent to a compromised web server. Symantec reports the only difference seems to be that it doesn't recognize the user (with a photo, if you normally have that on on your Gmail account, although that may not show up on the real site, either, depending whether you have cookies enabled.) All of Google" slogan and the same little icons below for Gmail, Google Drive, Google Maps, Google+ etc. The fake Google Drive login site looks eerily similar to the real one with Google's signature "One account. Here, he or she is asked to enter the username and password for their Gmail account. Instead, the user gets directed to a fake Google Drive login page (a small difference that most users won't notice) that looks like the Gmail login page. But when the recipient clicks on the link, it does not go to Google Docs. The scam starts with an email that urges the recipient to view an "important document" on Google Docs by clicking on a link. It tries to trick Gmail and Google Drive users into giving up the username and password for their Gmail account. A Google Doc email phishing scam is making the rounds.
0 kommentar(er)
