It could also be used for a public dump of VIP e-mails, like what happened to the DNC. In the future, this method could be used for more phishing attempts, since the nefarious party knows your e-mail and product combinations. For a time, the worm had total access to the victim's e-mail, so, in addition to spamming all your contacts, it could have copied all your e-mails (and all your Hangouts chats) to a third-party server. Google also auto-revoked the permissions from everyone's account. The company shut down the OAuth request and redirected users to an error page. The downside (or upside?) to having a worm so closely tied to Google's infrastructure is that Google has some control over it. Also, rather than redirecting you to a Google page, the phish tried to load a few different "Google sounding" URLs, in this case "." This showed you the developer info, which, rather than Google, was a random person with the e-mail Genuine Google apps use OAuth all the time, but if you open the developer info you'll see something with an e-mail. The trick was that the app claiming to be "Google Docs" wasn't really Google Docs. The screen showed a third-party app with the name "Google Docs" and a profile picture that matched the Google Docs logo. The only way to tell the whole thing was a scam was to click the down arrow next to the "Google Docs" name. A new trend in phishing attacks emerged in December 2021, with threat actors abusing the commenting feature of Google Docs to send out emails that appear trustworthy. Clicking on the link brought up an authentic Google log-in page, served up from Google's servers. Then you were presented a real Google OAuth permissions page, also from Google's servers. The e-mail was great: it used the exact same language as a Google Docs sharing e-mail and the exact same "Open" button.
The interesting thing about this worm was just how convincing it was. The worm then e-mailed everyone in your contacts list before doing god-only-knows what else to the victim's e-mail. If you clicked "Allow," the permissions granted it full control over your e-mail and access to all your contacts. Clicking on the "Open in Docs" button asked you to log in to Google, then it popped up a familiar OAuth request asking for some permissions. It sent an e-mail claiming to be from a friend or relative who wanted to share a document with you. Or quite possibly being without your computer while your computer technician cleans up the mess. Google has since shut down the OAuth link. An evil phishing worm masquerading as "Google Docs" took the Internet by storm today. Just imagine how long it will take to sit down and change all your passwords as well as other personal information later. It will cost less to pay attention now than it will later. Take a few extra minutes to log in normally. We all understand how important business is. By doing this, you will not be asked to give permission to third parties, as the scam does. Another way to combat this is to not click any links in the Google Docs shared email. Are there typos in any part of the document? You have to ask yourself: am I expecting a document from someone? Or check to see who it’s addressed to. For instance, in the case of the current Google Docs scam. As users, we have to be more vigilant and question more often. We have always chased the “Robbers”, as that’s the name of the game. While the hackers and the scam artists are the “Robbers”. You and the security firms like Kaspersky and Sophos are the “Cops”. Think of it like the good old game we played as kids, “Cops and Robbers”. Hackers and scam artists are always steps ahead, which will never change. An alarming phishing scam began spreading around the internet Wednesday in an attempt to access Google accounts through an email embedded with a fake Google Docs file.
Phishing scams are getting worse and looking more legitimate with each day that passes. This is nothing new, and this exact type of Google Docs scam has been done before. I keep tripping over this Google Docs phishing scam. You can report behavior that you consider to be a violation of Google's Terms of Service or program policies. Last night I was reading news from many different sources.