Jueves, 18 Enero, 2018

Users under threat as phishing attack hits Gmail

Eleena Tovar | 04 May, 2017, 17:43

It encourages potentially affected users to run its security-check feature.

You can verify it by checking the title for developer information.

On clicking the link users are directed to a phishing page which looks exactly like the Apple support page and are then asked to enter their ID and password.

"If you have clicked on the link, go to your Google account's page (https://myaccount.google.com/permissions) where you can manage the permissions you've granted to apps (or go through the whole Google Security Checkup)". It removed the fake pages and announced its abuse team was "working to prevent this kind of spoofing from happening again". If you've clicked the link in the malicious email, you can revoke the attacker's access by visiting https://myaccount.google.com/permissions and deleting the "Google Docs" app - which is the one pretending to be legitimate. "The point of the attack isn't clear yet, but it could be a pre-cursor to some larger attack they're planning", said Matthew Gardiner, a security expert with email security firm Mimecast. Google says it is investigating a phishing email that appears as someone trying to share a Google Doc with you.

Gmail users have been warned that their accounts may be vulnerable following a phishing attack sweeping the internet, allowing cyber criminals to gain control of email accounts. Before you open any link, though, unless there's at least some explanation about what it is and even if there is one, always email the other party to check. They achieved it by getting an already logged-in user to grant access to a malicious application posing as Google Docs.

Just to refresh your memory on that: Gmail users started to get emails in which they were notified that someone shared a document on Google Docs with them.

Google said contact information was accessed and used in the attack, but no other information was exposed. So download the latest version of the gmail app from PLay store to use this Anti Phishing feature.

The best way to protect yourself from a phishing scam is to hover over links before clicking on them, and check for any spelling mistakes or suspicious wording.