Google Email Attack

Yesterday afternoon many users of Google products received an email, in some cases from a trusted contact, that asked them to open a Google Doc. When the user attempted to open the Google Doc link, they received a message asking for permission to access their Google account. Those who gave this permission unknowingly gave their account information to a malicious third-party.

Google blocked this attack within a few hours, but please be aware that a similar attack could happen again, and not just with Google account permissions. Facebook and LinkedIn accounts are also frequently used to access other websites, and these could be used for similar attacks in the future.

Prevention
 
Email scams like this have increased over the last several years along with the number of organizations taking advantage of cloud services. Ultimately, remaining vigilant for email scams is the most effective method to protect yourself and your organization.
 
Check out the US Computer Emergency Readiness Team (CERT) document on Avoiding Social Engineering and Phishing Attacks for more information. Google also has information on avoiding and reporting phishing attacks at https://support.google.com/mail/answer/8253?hl=en.
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.