Home ShawThing Google Docs – massive phishing attack

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Google Docs – massive phishing attack

Some Google Docs users, mainly in the US, have been victims of a massive phishing attack that potentially gave attackers access to their email, address book, calendar, and docs.

Google raced to patch the issue so this article is a commentary on why so many people were fooled into giving hackers their Google login credentials.

The answer is that we are generally a trusting lot and when asked to do something we do. In fact, Glasswall, a secure email service, recently commissioned a survey that found an astonishing 82% of respondents usually or always open email attachments if they appear to be from a known contact. Of these, 44% open these email attachments consistently every time they receive one, leaving organisations highly vulnerable to data breaches sourced to malicious attachments.

Worse 58% usually opened email attachments from unknown senders. This simply shows what value all the education and media coverage about the prevalence of sophisticated social engineering attacks has achieved – nothing!

Additional survey findings included

  • 33% admitted to being a victim of a cyber attack and a further 24% said they may have been a victim.
  • 55% said they sent or received at least 11 documents via email every working day, meaning there are 2,585 potentially malicious files in circulation from a single employee each year.
  • 20% said the business they work for has no policy on how to handle email attachments, or they have not been made aware of it.
  • 5.5% thought "other" types of attachments were suspicious, which included various types prize-winning links or emails with multiple addressees.
  • 15% said they always or usually trust email attachments sent by people they have never heard of.
  • Only two people named Word documents as being suspicious and only two said they regarded "spreadsheets" as a potential threat, despite the continuing prevalence of these file-types in the perpetration of successful cyber-attacks.
  • 58% said they would feel safer from cyber-crime if their employer had the right technology to protect them.

Simon Taylor, vice-president of products at Glasswall, said, “Cyber criminals know that productivity suites like O365 and Google, as well as dynamic documents and other types of shared files, are the lifeblood today’s internet users. This includes consumers and employees of massive corporations, and often they’re one and the same.”

Greg Sim, chief executive of Glasswall Solutions, said, "Employees need to trust their emails to get on with their work, but with 94% of targeted cyber-attacks now beginning with malicious code hidden in an email attachment, the security of major businesses should no longer be the responsibility of individual office-workers. Conventional antivirus and sandboxing solutions are no longer effective and relying on the vigilance of employees clearly leaves a business open to devastating cyber-attacks that will siphon off precious data or hold the business to ransom."

Taylor told iTWire that the Google attack shows it only takes one or two clicks by a recipient to unknowingly open a weaponised link — in this case — or spreadsheet, slideshow or PDF and trigger an attack in many other cases. Attackers are becoming increasingly clever with their tactics and organizations and security tools must change the way they identify threats as new systems and methods are developed by nefarious actors.

While the threat has been mitigated for now by Google, this will not stop the ever-expanding theme of clever phishing tactics by malicious actors.

There is a good explanation of the Google attack here.

Proofpoint's Ryan Kalember, SVP of Cybersecurity Strategy, said, "The recent Google Docs email phishing attack leveraged some techniques that had previously been more associated with state-sponsored threat actors.

"That said, it was not necessarily larger in scale than any of the regular phishing campaigns that target Google, Microsoft, and other credentials. Cyber criminals continue to use carefully engineered messages to steal email account credentials because they are the gateway to all other digital account access including banking, social media and contact lists.

"Our initial analysis shows this attack was targeting organisations of all types, including the education, technology, financial services, and travel sectors. Based on the success of the initial attack, we would expect copycats to try and snare victims with similar campaigns.” 


Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service


Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!