The Google Docs phishing scam could have been so much worse
170
views
After a massive phishing attack masquerading as a Google Doc, millions of people are now hesitant to open their emails.
After a massive phishing attack masquerading as a Google Doc, millions of people are now hesitant to open their emails.
‘Phishing’ scams are designed to steal information or money from your computer, tablet, or phone. Typically, they are disguised as a link in an email, which if clicked will install malicious software on your computer.
loading...
The hack affected over one million users this week, although quick work by the team at Google quickly stopped the attack after reports surfaced on Reddit. Google has over one billion users; the attack affected less than 0.1 percent of Google customers.
The Google Docs scam was more sophisticated than the run of the mill email attack. The hacker created a fake version of Google Docs, which depended on Open Authorization technology which links different accounts. Once someone clicked on the grant permissions link in the fake email, the hacker was granted access to all of their other emails.
The attack appears to have had the biggest impact on schools which use the Google Docs platform. New York University’s Office of Information Security warned students and faculty about the hack via email and gave instructions to those affected.
Local school districts have been affected by the scam, including schools in Illinois, Minnesota, and Oregon. It is still unknown whether schools were specifically targeted in the attack, or simply coincidental.
Google released a statement on the scam via Twitter, explaining what steps they have taken so far to stop the attacks. According to Google, they have, “removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”
Thankfully, Google caught on to the attack and shut it down quickly, unlike past attacks on Yahoo, Tumblr, and Adobe. Otherwise, any one of us could have been the next leaked-email scandal.
loading...
Loading...