An extremely formidable phishing attack has been targeting Gmail users with Google Docs attachments, spreading itself by latching onto the contacts of compromised accounts.
The email is made to look as though it was sent by a familiar contact and suggests that you click on a “Google Docs” attachment. The user is then directed to a legitimate Google security page and asked to grant the “Google Docs” app permission to access the account; once that permission is granted, the app is able to take control of the account.
Once it has gained access to the email account via the Google Docs attachment, the attack can read the full history of sent and received emails, which allows it to send itself on to everyone else in the contacts, regardless of whether they are Gmail users or not.
This ability to self-replicate means that the attack can grow extremely quickly by multiplying throughout the contacts of nearly a billion Gmail users. Google confirmed the activity of the phishing campaign this week.
This latest instance is not the first of its kind to hit Gmail: users experienced similar activity in March of this year, and it had also been recognised before that. The previous instance offered an insight into the increasing threat posed by phishing attacks, as it too had been designed to look so legitimate that even savvy users were caught out.
An extremely widespread phishing campaign such as this, which is also highly sophisticated, is a prime example of why vigilance about cyber risks must be exercised. It is advisable to double-check the source of emails, however convincing they look, especially when they contain a link or an attachment such as a Google Docs file.
The reality of the threat is that once an attacker has accessed an email account, the sensitive information that passes through it, for example when you pay for online services, is also available to them. In addition, phishing has been found to potentially lead to other attacks such as ransomware.
“The latest attack on personal and corporate Gmail users is a stark reminder of the importance of a multi-layered security approach when moving email to the cloud,” said Dan Sloshberg, cyber resilience expert at Mimecast.
“It also highlights the need for ongoing education to help end users spot the tell-tale signs of suspicious emails before clicking links or opening attachments. Employees must exercise the same caution when opening mail on personal email accounts as they do their corporate mail when using a work-issued PC.”