In a recent development, Google Docs users are experiencing a new type of sophisticated phishing attack which looks genuine and authentic. People who are prone to the attack received an edit file request in Google Docs from yesterday, and while they opened it, the phishing application got access to their address book and email that led further attacks to the people in the contact list.
The Phishing Attack is working in such a way that it sends an invitation to people from someone whom they already know and their details in his contact list. When the receivers access the link, the page takes to the Google sign-in screen which asks permission to continue to Google Docs. The “Google Docs” is actually a malicious app that just named as is to appear it genuine. To make things worse, it works with Google environment and utilizes the option of web apps with the misleading name “Google Docs.” Also, people can’t identify the attack with the URL like simple phishing attacks.
Phishing (or malware) Google Doc links that appear to come from people you may know are going around. DELETE THE EMAIL. DON’T CLICK. pic.twitter.com/fSZcS7ljhu
— Zeynep Tufekci (@zeynep) May 3, 2017
Once the phishing program got access to someone’s address book, it sends invitations to his contacts. People who are prone to the attack can restrict the access by removing the permission at the Connected apps & sites page in the Google account. The particular app would have listed as “Google Docs” in the page with its access details and authorization date.
Google came with a response and stated that it has taken steps to avoid the spread of the attack and disabled the offending application. “We have removed those fake pages, initiated updates, and the abuse team is working to ensure no such attacks in future. We request all the users not to click those links and report those phishing emails within Gmail,” the firm responded in a statement. Later, Google came up with an official statement that the issue has been resolved.
