Google Docs user faced phishing attack; Issue got resolved now

Written By:

If you are a regular user of Google Docs, then be aware! Do not open any invites from others to edit a file, it may be a spam to make you as a victim of phishing scheme.

Google Docs user faced phishing attack; Issue got resolved now

The attacker made use of a different way to phish this time. Without even gaining an access your account with a password, the phishers could harm your data. They did so by taking the advantage of the fact that one can create a web app similar to Google page but with a misleading name. That is, asking a logged-in user to grant permission to a malicious app developed by them.

According to Reddit, here is how the attack took place.

Stay tuned to GizBot for more updates!

Email invitation

Firstly an email invitation will be sent to a victim from the person they may know. This invitation requests you to open the file in Google Docs.

Lets you select among few account

Once you open the invitation, it lets you select among few already logged in Google account. After you select the required account, the attack begins.

Also Read: 11 Google Docs features that you probably didn't know

Asks permission to grant the access

Once done with selecting the account, it takes them to a Google sign-in page and asks them to continue with Google Docs. This helps the attacker to get the access to your mail and address book.

Because when you continue with docs, it is not an original page instead a third party malicious app which is named as ‘Google Docs'.

Developer information title

You can verify it by checking the title for developer information. It will look something like the above picture.

Stay tuned to GizBot for more updates!

Also Read: How to use Google Map to find your parked car

Regarding this, Google says, "We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts. We've removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail."

Google took this issue seriously and disabled the application to fix it. Later it confirmed telling that the issue has been resolved.

Source

Read More About google | google docs | apps | news

Please Wait while comments are loading...
Recommended Stories
Opinion Poll

Stay updated with latest technology news & gadget reviews - Gizbot