Hackers exploit Google Docs in new phishing campaign


Attackers are taking advantage of the comment feature in Google Docs to send people emails with malicious links, says Avanan.


One of the favorite tactics of cybercriminals is to exploit legitimate products for illegitimate purposes. And the more popular the product, the greater the chances of success. A new report released Thursday by email security provider Avanan looks at a new phishing campaign that abuses a popular feature in Google Docs to deploy malicious emails.


To help people collaborate on the same documents, Google Docs offers a comment feature. When adding a comment to a document, you can include the email address of a person to whom you want to assign a related task. That action then triggers an email to the assigned person.

In this particularly devious campaign, the attackers add a comment to a Google document and then mention the target by typing the @ symbol followed by an email address. The full comment, however, includes a malicious link that will trigger a malware infection if activated through the sent email.

Discovered by Avanan in December 2021, the attacks have primarily hit Microsoft Outlook users but have also affected recipients on other email platforms. So far, more than 500 inboxes have been targeted across 30 different organizations with the hackers using more than 100 different Gmail accounts.

This type of phishing campaign can sneak past traditional security defenses and cautious scrutiny for a few key reasons.

First, the email itself comes from a legitimate Google service, so it's likely to evade detection and be trusted by users at first glance.

Second, the email includes just the attacker's display name and not their email address, which means anti-spam filters may fail to catch it. And since the hacker can spoof the name of a trusted colleague or contact, the recipient might more easily fall for the scam.

Third, the victim doesn't even have to access the document as the malicious payload is contained solely in the email. The attacker need not even share the document, as simply mentioning the recipient's email address in the comment will do the trick.

Avanan said that it informed Google about this exploit on January 3 through the Report Phish Through Email button in Gmail. However, users still need to be on the lookout for this attack. To help people protect themselves from this scam, Avanan offers the following tips:

  1. Before you click on a Google Docs comment in an email, cross-reference the email address in the comment itself to make sure it's legitimate.
  2. Keep in mind the usual cyber hygiene habits, such as scrutinizing links and scanning for grammatical errors.
  3. If you're wary of a particular Google Docs comment email, contact the actual sender to see if they sent you the comment.
  4. Make sure you and your organization use strong security protection, particularly across file sharing and collaboration services.
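
Because these emails come from a genuine Google service and carry only a display name, a check has to look at the message content instead of the sender. The following triage sketch is an added example, not code from Avanan or Google; the notification sender address, the list of Google domains, the colleague list and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: Docs comment notifications arrive from this Google-owned address.
DOCS_COMMENT_SENDER = "comments-noreply@docs.google.com"
# Assumption: domains a notification's own links are expected to use.
GOOGLE_SUFFIXES = ("google.com", "gstatic.com", "googleusercontent.com")
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def is_google_host(host):
    """True only for an exact match or a real subdomain of a Google suffix."""
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in GOOGLE_SUFFIXES)

def body_text(msg):
    """Concatenate every text/* part, decoded to str."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            data = part.get_payload(decode=True) or b""
            chunks.append(data.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def triage(raw, colleague_names):
    """Return findings for a Docs comment notification, or None for other mail."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    if addr.lower() != DOCS_COMMENT_SENDER:
        return None
    urls = URL_RE.findall(body_text(msg))
    external = sorted({u for u in urls if not is_google_host(urlparse(u).hostname)})
    # The commenter picks the display name, so a familiar name is not evidence
    # of who wrote the comment; report it so an analyst can verify out of band.
    familiar = any(n.lower() in display.lower() for n in colleague_names)
    return {"display_name": display, "familiar_name": familiar,
            "external_links": external, "needs_review": bool(external)}

# Constructed sample message (not a captured email).
SAMPLE = """\
From: "Dana Reyes (Google Docs)" <comments-noreply@docs.google.com>
To: user@example.org
Subject: Dana Reyes mentioned you in a comment
Content-Type: text/plain; charset=utf-8

Dana Reyes mentioned you: @user@example.org please review
http://payments.example.net/invoice
Open: https://docs.google.com/document/d/CONSTRUCTED/edit
"""

if __name__ == "__main__":
    print(triage(SAMPLE, ["Dana Reyes"]))
```

A link that is wrapped in a Google-hosted redirect would pass this host check, so the result is a triage aid to use alongside normal URL analysis.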
