Sign in

Google Docs used in latest phishing attack

By: Lisa Marlin

May 3, 2017

A widespread phishing attack using a fake Google Docs link is currently hitting inboxes. This is a good time to be extra cautious about clicking links, even from someone you know, especially if you’re not expecting a shared doc from them. If you click, it takes you to a page to open the “Google Docs” app with your Google (GOOG) account. This grants access to your email account and contacts. Below is a screenshot of an email one of our staff received today.

According to reports, hackers created a malicious app and named it “Google Docs,” which looked trustworthy. Google uses an authorization system called OAuth, which uses security tokens instead of passwords to connect Google accounts with third party apps. Because the malicious app looked legit, it essentially tricked users into trusting it with their security token — which is all that was needed to access the accounts.

Google says it is investigating the phishing scam and advises people not to click on the link and report any phishing attempts to the company.

“We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts,” Google said in a statement. “We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again.”

This latest attack comes on the heels of the recently released Verizon 2017 Data Breach Investigations Report that analyzed more than 2,000 breaches from 2016 and found that over 300 were related to espionage – 62 of which stemmed from phishing emails.

According to the Verizon report, ransomware attacks have doubled in frequency across all industries and are now the fifth most common specific malware variety. The healthcare industry was the second-most targeted industry at 15 percent of incidents, just behind the financial sector that had 24 percent of total incidents in 2016. 

PrivaPlan strongly recommends phishing training for your employees. Read our post earlier this year about phishing attacks to learn more.  

To find out how the HIPAA experts at PrivaPlan can assist you with phishing testing, and the many other services we provide, contact us at info@privaplan.com or call 877-218-7707.