Learning From The Massive Google Docs Phishing Attack

Recently, a sophisticated and very convincing phishing attack invaded the inboxes of millions of Gmail users, posing as an email from a trusted source and enticing people to open a Google Doc. Once users clicked on it, they were asked to grant permissions to the fake Google Docs app (entitled GDocs). These permissions included reading, sending, deleting, and managing the user’s email account.

This attack spread quickly, as person after person clicked through and gave permission to the fake app. However, Google also acted swiftly and shut down the attack within an hour. Google later reported that 0.1 percent of Gmail users were affected. That doesn’t seem like a lot, but given the number of Google users, Forbes estimates that around one million people fell for the scam.

Google reported that no email content was actually accessed, only users’ contacts: “While contact information was accessed and used by the campaign, our investigations show that no other data was exposed.”

Phishing attacks like this happen all the time, but usually on a smaller scale. A recent Internet Security report shows a 55 percent increase in phishing campaigns that targeted employees at businesses of all sizes. After the Google attack, there’s no question that everyone is at risk these days. As a result, it’s becoming increasingly important to know how to identify a fake email without falling prey to its bait.

PHISHING INDICATORS

 

Previously, we wrote about several ways to spot a phishing email.

Most of the time, phishing emails are quite sophisticated and look very authentic and legitimate. Here are eight examples of things to look for:

  1. A sense of urgency: “Hurry,” “ASAP,” “need this done by…”
  2. A threat: “We will suspend your account.”
  3. Directions to do something: “Validate,” “verify,” “confirm,” “update.”
  4. Requests for personal information: SSN, address, account information.
  5. Unknown web addresses: These may be doctored to look legitimate.
  6. Fake/poor quality images.
  7. Poor spelling/grammar.
  8. Improbable scenarios.

BEST PRACTICES

 

The next time you get a suspicious-looking email, follow these best practices:

  • Ask yourself: Was the email expected? Do I know the sender? Is the request in the email normal?
  • Hover your cursor over the link. Is it legitimate? Look at it closely!
  • If the email is from someone claiming to be a person you know, call that person to verify if they sent the email.

THE MAIN INDICATOR THAT IT WAS A SCAM

 

Even though the Google attack was sophisticated and very convincing, there was a key indicator that it was a scam: the emails were addressed to hhhhhhhhhhhhhhhh@mailinator.com. Phishing emails usually have something spelled wrong or seem “phishy,” and usually target large volumes of people.

You may have also heard of a newer, more precise method of targeting called spear phishing. Like phishing emails, spear phishing attacks pretend to be a trusted source. While phishing emails target many people, spear phishing attacks usually target only a few specific people who have been researched beforehand. Spear phishing attacks are much more successful because the perpetrators have done the research and customized the email, which also makes them harder to identify as fake.
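The indicators listed earlier, the hover-over-the-link check and the mailinator.com recipient address can all be checked mechanically on a raw message. The following Python is an added example, not code from the original article; the function name `phishing_indicators`, the word lists, the one-entry disposable-domain list and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses
from urllib.parse import urlparse

# Word lists come from the article's indicator examples; extend for real use.
TEXT_CHECKS = {
    "urgency": re.compile(r"\b(hurry|asap|need this done by)\b", re.I),
    "threat": re.compile(r"\bsuspend your account\b", re.I),
    "directive": re.compile(r"\b(validate|verify|confirm|update)\b", re.I),
}
DISPOSABLE_DOMAINS = {"mailinator.com"}  # assumption: only the domain the article names
LINK = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def host(url):
    """Hostname of a URL, also accepting scheme-less text such as 'docs.example.com/x'."""
    return (urlparse(url if "//" in url else "//" + url).hostname or "").lower()

def phishing_indicators(raw_message, recipient):
    """Return the names of the indicators found in one raw message."""
    msg = message_from_string(raw_message)
    body = "".join(p.get_payload(decode=True).decode(errors="replace")
                   for p in msg.walk() if not p.is_multipart())
    found = []
    to_addrs = [addr.lower() for _, addr in getaddresses(msg.get_all("To", []))]
    if recipient.lower() not in to_addrs:
        found.append("recipient-not-in-to")  # delivered by BCC or a list
    if any(a.rsplit("@", 1)[-1] in DISPOSABLE_DOMAINS for a in to_addrs):
        found.append("disposable-to-address")
    text = msg.get("Subject", "") + "\n" + body
    found += [name for name, rx in TEXT_CHECKS.items() if rx.search(text)]
    # What "hover over the link" checks: visible text names one host, href another.
    for href, shown in LINK.findall(body):
        shown = re.sub(r"<[^>]+>", "", shown).strip()
        if re.match(r"(https?://)?[\w-]+(\.[\w-]+)+", shown) and host(shown) != host(href):
            found.append("link-text-mismatch")
            break
    return found

# Constructed sample message (not the real campaign's email); example.* hosts are placeholders.
SAMPLE = """\
From: Known Contact <contact@example.org>
To: hhhhhhhhhhhhhhhh@mailinator.com
Subject: Shared document
Content-Type: text/html

<p>Hurry, please confirm your access ASAP.</p>
<a href="https://login.example.net/auth">docs.example.com/shared</a>
"""

if __name__ == "__main__":
    print(phishing_indicators(SAMPLE, "alice@example.com"))
```

Each indicator on its own is weak (mailing lists also leave the recipient out of the To header), so treat the result as a prompt for the manual checks above, not as a verdict.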

This phishing attack proves that organizations (and everyone in general) need to be more conscious of the emails they receive, and aware of what a phishing email looks like. It’s critical to continuously educate and train your employees on ways to identify and avoid these scams. We recommend sending information and tips regularly to all staff to keep this information top of mind and reduce your risk of getting infected.

Can your organization do more to educate your employees about phishing attacks?

 

Bob Bally

Bob has been providing technology solutions to Clients for 18 years. With a focus on forward thinking, Bob plans long term solutions for Clients with scalability as a priority. As a former Operations Officer, Bob understands the need for reliable outsourcing solutions. Clients that work with Bob find their Organizations more efficient and productive after contact. Bob's passion is to exceed the Client's need in all ways possible.

Published

June 5, 2017
