View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cloud
July 7, 2017

Google ramps up G Suite security following Google Docs phishing attacks

With the new measure in place, will we still see phishing attacks like the recently halted Google Docs scam?

By Tom Ball

Google has brought a new measure on board to enhance G Suite security that will provide administrators with greater ability to control third-party data access.

The OAuth apps whitelisting will also allow for enhanced visibility into how third-party applications are using user data with a focus on enterprises.

OAuth works by allowing administrators to choose which third-party apps have permission to access G Suite data of users.

These heightened security capabilities will be beneficial for tackling phishing email attacks, and this links to the recent high profile ‘Google Docs’ phishing attacks that have gained widespread attention in recent months.

Google ramps up G Suite security following Google Docs phishing attacksThe Google Docs attack marked a new level of sophistication for phishing attacks by using the psychological approach of encouraging the user to believe that a friend had sent them a Google Docs attachment.

Upon accessing the attachment, the user would be asked to give permission to the file, and the attack then gained control.

Millions of Gmail account users were caught off guard by the highly convincing trick, as it was replicated rapidly and widely across a body of close to a billion Gmail users. The problem was ongoing but Google has since reclaimed control.

Content from our partners
Sherif Tawfik: The Middle East and Africa are ready to lead on the climate
What to look for in a modern ERP system
How tech leaders can keep energy costs down and meet efficiency goals
 READ MORE: Google and Facebook confirmed as victims of $100m phishing scam

Gmail has suffered from these problems consistently in recent months, with another attack beginning in January that contained an embedded image. The email would arrive from a familiar contact that has already been compromised by the attack.

The new abilities of attackers to easily personalise a phishing email has proven extremely effective in snaring vast numbers of users. Previously attackers would have had to rely upon acting as a reputable business or person, rather than using their own accounts.

Phishing is not the only simple form of cyber attack that has had caused major damage in recent times, with ransomware at the root of some of the most significant instances in recent times.

Topics in this article : , , , , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU