On the afternoon of May 3rd, 2017, a phishing attack began appearing in the inboxes of Gmail users, luring them into thinking that one of their contacts was sharing, or wanted to share, a Google Doc with them. The attack was reported to look completely legitimate and trustworthy, since the shared link appeared to come from a familiar contact. Once opened, the email told users that someone wanted to share a Google Doc with them and that ‘Google Docs’ was requesting permission to read, send and delete their emails and to manage their contacts. Users were then presented with two buttons, Allow and Deny.
Tapping Allow redirected the user to a Google account sign-in page; once the user had signed in, the attack spammed their entire contact list with the same phishing email. According to experts, Google caught the scam almost instantly and states that only about 0.1% of Google users were compromised by the hack. Although that share seems small, it has been reported to amount to around 1 million victimized accounts.
Working Procedure Of Google Docs Phishing Scam Attacks
The most peculiar thing about this phishing scheme is that it did not come from fake domains or from malware. Instead, it used Google’s own system against it. The application requesting permission in this scam was a genuine third-party application that worked within Google’s system for granting apps access to a victim’s information at the moment the victim authorizes them to do so, using OAuth.
Research clearly shows that the majority of web users nowadays tend to tap ‘Log me in with a Google account’, ‘Log me in with a Facebook account’ and the like. In these cases, instead of creating a login and password for each app they use, users rely on a token from one of these services to grant permission. The main reasons for choosing this option are convenience and bypassing two-factor authentication entirely, since authentication has already been completed with the original service, i.e. Google. Although the service appears highly authentic, beneficial and appealing at first glance, the twist in this case is that the crooks developed a third-party application and asked for permission to access the account’s contents. Users were tricked by naming the app ‘Google Docs’, because that looks legitimate.
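The consent request described above can be screened before the user taps Allow. The following is an added example (not code from the original post or from Google): it parses a constructed consent URL, flags a third-party app whose display name impersonates a Google product, and flags the mail and contact scopes that together give the access this scam asked for. The scope strings, client id and redirect URI are assumed or constructed here, not taken from the attack.

```python
# Added example, not code from the original post: screening a third-party
# OAuth consent request of the kind this scam used. The consent URL, client
# id and scope list below are constructed or assumed, not taken from the attack.
from urllib.parse import parse_qs, urlparse

# Scopes that together allow reading, sending and deleting mail and managing
# contacts (assumed Google scope strings; verify against current Google docs).
MAIL_AND_CONTACT_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/gmail.modify",
    "https://www.googleapis.com/auth/gmail.send",
    "https://www.googleapis.com/auth/contacts",
}
# A third-party app carrying one of these names is impersonating Google:
# Google's own products do not ask the user to authorize them as external apps.
GOOGLE_PRODUCT_NAMES = {"google docs", "google drive", "gmail"}


def assess_consent(consent_url: str, app_name: str) -> dict:
    """Parse one consent request and return the flags a reviewer should see."""
    query = parse_qs(urlparse(consent_url).query)
    # 'scope' is a space-separated list and may also be repeated as a key.
    scopes = set(" ".join(query.get("scope", [])).split())
    risky = sorted(scopes & MAIL_AND_CONTACT_SCOPES)
    impersonating = app_name.strip().lower() in GOOGLE_PRODUCT_NAMES
    flags = []
    if impersonating:
        flags.append("app name impersonates a Google product")
    if risky:
        flags.append("asks for mail/contacts access")
    verdict = "deny" if impersonating else "review" if risky else "ok"
    return {"client_id": query.get("client_id", [""])[0],
            "scopes": sorted(scopes), "risky_scopes": risky,
            "flags": flags, "verdict": verdict}


# Constructed consent URL modelled on the scam: a third-party client named
# "Google Docs" asking for full mail access plus contacts.
SAMPLE_URL = ("https://accounts.google.com/o/oauth2/v2/auth?"
              "client_id=EXAMPLE-CLIENT-ID.apps.googleusercontent.com"
              "&redirect_uri=https%3A%2F%2Fexample.invalid%2Fcb"
              "&response_type=code"
              "&scope=https%3A%2F%2Fmail.google.com%2F"
              "%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcontacts")

if __name__ == "__main__":
    result = assess_consent(SAMPLE_URL, "Google Docs")
    print(result["verdict"], "-", "; ".join(result["flags"]))
```

The same check applied to the list of apps already authorized on an account (Google's account permissions page) gives a revoke list: anything with a "deny" verdict should be removed.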
Despite all the legitimate looks, promises and claims, one can easily detect the Google Docs phishing scam attack by the email address it is addressed to. In this particular scam, the emails were reported to be addressed to [email protected]. Anyone who seriously believes they might have accidentally tapped the link is advised to change the password for their Google Account immediately, along with any online account where the same password has been used. Moreover, Google has also equipped the Gmail app on Android with an alert to warn users about potential Google Docs phishing scam attacks.