Phishing e-mails designed to trick Gmail users into handing over access to all of their messages spread widely before Google could block them for good.
Phishing e-mails designed to trick users of Gmail, Google’s e-mail service, into granting access to their contacts and all of their messages spread like wildfire on the night of Wednesday 3 to Thursday 4 May.
Many users – mostly in the United States but also in Europe – received an e-mail, apparently sent by one of their contacts, offering to share a Google document. The e-mail looked legitimate, all the more so because clicking the button embedded in the message took the user to a page that genuinely belonged to Google. That page then asked the user to grant a third-party application access to all of their contacts and Google documents.
This kind of request is something Google allows so that, for example, users can send and receive their messages with third-party software rather than on the mail.google.com site. Except that the application requesting access to the e-mails, despite its name – Google Docs – had nothing to do with Google or Google Docs. In two clicks, users could hand an unknown hacker (or hackers) access to their contacts and messages and fall victim to what is known as phishing. Once inside, the attackers could exploit the victim’s contact list to send the same trapped e-mail to those contacts, and so spread further.
Phishing (or malware) Google Doc links that appear to come from people you may know are going around. DELETE THE EMAIL. DON’T CLICK. pic.twitter.com/fSZcS7ljhu
— Zeynep Tufekci (@zeynep) May 3, 2017
Dangerous Attack on Google DOCs.
Technically, this attack is not revolutionary. But it is very clever, because the precautions usually recommended to users against phishing were of no help in this case. Check that the site the user was taken to is legitimate? It was: the malicious application requested access to the e-mails through a perfectly standard Google page. The hacker(s) were able to register their application without being stopped by Google. To look even less suspicious, they were even able to name it “Google Docs”.
Some Tips Against Phishing
To find out whether you were targeted by this phishing wave, just search your mailbox for a message sent by “firstname.lastname@example.org”. If you find one, you must then verify that you have not granted this application permission to access your e-mails: check the list of authorised applications and, if a “Google Docs” application appears there, remove it. In that case, an unidentified person has had access to all your messages and the information they contain. If you store passwords in your mailbox (a very bad idea), change them immediately.
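The triage described above, as an added example (this is not code from the original article): a small Python helper that scans exported messages for the indicator address quoted in the article, reads which scopes an OAuth consent URL asks for, and flags an entry in the list of authorised third-party apps that borrows a Google product name. The sample messages, consent URL, client-ID placeholder and app list are constructed for the demo; the set of “broad” scopes and the assumption that Google’s own products never appear among third-party apps are my own.

```python
"""Triage helper for the May 2017 "Google Docs" OAuth consent phishing wave (added example)."""
from email import message_from_string
from urllib.parse import urlparse, parse_qs

INDICATOR_RECIPIENT = "firstname.lastname@example.org"  # address quoted in the article

# Scopes that hand a third party the whole mailbox or address book (assumed set; adjust to policy).
BROAD_SCOPES = {"https://mail.google.com/", "https://www.googleapis.com/auth/contacts"}
# Assumption: Google's own products never show up as *third-party* apps, so a third-party
# app carrying one of these names is impersonating them.
GOOGLE_PRODUCT_NAMES = {"google docs", "google drive", "gmail"}


def flag_messages(raw_messages):
    """Return subjects of messages whose From/To/Cc/Bcc headers contain the indicator address."""
    flagged = []
    for raw in raw_messages:
        msg = message_from_string(raw)
        addresses = " ".join(v for h in ("From", "To", "Cc", "Bcc") for v in msg.get_all(h, []))
        if INDICATOR_RECIPIENT in addresses.lower():
            flagged.append(msg["Subject"])
    return flagged


def risky_consent(consent_url):
    """Parse an OAuth authorisation URL and return the broad scopes it requests, sorted."""
    query = parse_qs(urlparse(consent_url).query)
    requested = set(query.get("scope", [""])[0].split())  # scopes are space-separated
    return sorted(requested & BROAD_SCOPES)


def suspicious_apps(authorised_apps):
    """Flag third-party apps named like a Google product that hold a broad scope."""
    return [app["name"] for app in authorised_apps
            if app["name"].lower() in GOOGLE_PRODUCT_NAMES and set(app["scopes"]) & BROAD_SCOPES]


# Constructed sample data mirroring the article's description.
SAMPLE_MESSAGES = [
    "From: alice@example.com\nTo: firstname.lastname@example.org\nBcc: bob@example.com\n"
    "Subject: Alice has shared a document on Google Docs with you\n\nOpen in Docs\n",
    "From: carol@example.com\nTo: bob@example.com\nSubject: Lunch tomorrow?\n\nSee you at noon.\n",
]
SAMPLE_CONSENT_URL = ("https://accounts.google.com/o/oauth2/auth?client_id=PLACEHOLDER_CLIENT_ID"
                      "&scope=https://mail.google.com/%20https://www.googleapis.com/auth/contacts"
                      "&redirect_uri=https://thirdparty.example/callback&response_type=code")
SAMPLE_APPS = [
    {"name": "Google Docs", "scopes": ["https://mail.google.com/", "https://www.googleapis.com/auth/contacts"]},
    {"name": "Calendar sync", "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
]

if __name__ == "__main__":
    print(flag_messages(SAMPLE_MESSAGES), risky_consent(SAMPLE_CONSENT_URL), suspicious_apps(SAMPLE_APPS))
```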