Over the first week of May, 2017, over two million Google users were affected by a phishing attack. The attack was engineered using Google apps, files and services. Once Google became aware of the attack on its clients, it was able to shut down the pages using a combination of automated and manual interception.
According to Mark Risher, Director, Counter-Abuse Technology at Google, “This week, we defended against an email phishing campaign that tricked some of our users into inadvertently granting access to their contact information, with the intent to spread more phishing emails.”
How The Campaign Was Structured
An email was sent that looked like an invitation to a Google Doc from one of the victim’s contacts. Users who clicked the link in the email were directed to the attacker’s application. The application then requested access to the user’s account under the guise of gaining access to the Google Doc. Once the user authorized that access, the same message was automatically sent out again.
Risher goes on to state, “Fewer than 0.1% of our users were affected by this attack, and we have taken steps to re-secure affected accounts.” It is estimated that Google has over 2.2 billion users, so with 0.1% affected by this phishing campaign, the absolute number of affected users is estimated at more than two million. That’s a serious number of users.
How To Protect Yourself
– Take the Google Security Checkup, paying special attention to any applications and devices you no longer use, and look out for devices you don’t recognize
– Pay attention to warnings and alerts that appear in Google products
– Report suspicious content and emails to Google
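For administrators, the application review in the first step can be automated. The sketch below is an added example, not code from Google or from the original article: it flags third-party OAuth grants whose display name borrows a Google product name or whose scopes reach mail or contacts. The grant records are constructed, with field names modelled on the Admin SDK Directory API token resource; the scope list, the name list and the allowlisted client ID are assumptions to adapt.

```python
import unicodedata

# Assumption: scopes treated as sensitive because they expose mail or contacts.
SENSITIVE_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/gmail.send",
    "https://www.googleapis.com/auth/contacts",
    "https://www.google.com/m8/feeds",
}
# Assumption: product names an impostor application might borrow.
PROTECTED_NAMES = ("google", "gmail", "docs", "drive")
# Assumption: placeholder allowlist of client IDs the organisation has vetted.
TRUSTED_CLIENT_IDS = {"trusted-client-id.example"}

def review_grant(grant):
    """Return a finding dict for a grant that needs review, else None."""
    if grant["clientId"] in TRUSTED_CLIENT_IDS:
        return None
    # Compare names after Unicode compatibility folding and case folding.
    name = unicodedata.normalize("NFKC", grant.get("displayText", "")).casefold()
    lookalike = any(p in name for p in PROTECTED_NAMES)
    risky = sorted(SENSITIVE_SCOPES.intersection(grant.get("scopes", [])))
    if lookalike and risky:
        severity = "high"      # the pattern described in this article
    elif lookalike or risky:
        severity = "medium"    # one signal only: review manually
    else:
        return None
    return {"user": grant["userKey"], "client": grant["clientId"],
            "severity": severity, "lookalike": lookalike, "scopes": risky}

def audit(grants):
    """Review every grant and list high-severity findings first."""
    findings = [f for f in map(review_grant, grants) if f]
    return sorted(findings, key=lambda f: f["severity"] != "high")

# Constructed sample grants (not real applications or users).
SAMPLE_GRANTS = [
    {"userKey": "alice", "clientId": "unvetted-client-1.example", "displayText": "Google Docs",
     "scopes": ["https://mail.google.com/", "https://www.googleapis.com/auth/contacts"]},
    {"userKey": "alice", "clientId": "trusted-client-id.example", "displayText": "Google Drive",
     "scopes": ["https://www.googleapis.com/auth/drive"]},
    {"userKey": "bob", "clientId": "unvetted-client-2.example", "displayText": "Calendar Helper",
     "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
    {"userKey": "bob", "clientId": "unvetted-client-3.example", "displayText": "Mail Merge Tool",
     "scopes": ["https://www.googleapis.com/auth/gmail.send"]},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_GRANTS):
        print(finding)
```

A high-severity finding is a candidate for revoking the grant and re-securing the account; medium findings need a human decision.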
Google has many measures in place to help protect your emails and information. However, they need your help. Knowing what to look for and reporting it immediately to Google are essential in stopping this type of activity.