Google Docs is popular amongst users from different industries. It is the most comprehensive alternative to the Microsoft Office Suite. As per usual, cybercriminals have realized the potential of using this service to attack users and steal their data. According to a recent report from Cofense, cybercriminals found a smart way to trick users into opening phishing emails. They disguise them as Google Docs requests.
Hackers have been using cloud services to deliver malware for a while now. Every time they get more and more creative with their approaches. Users should educate themselves on this latest exploit, so they would avoid falling victim to it. Here’s all you need to know.
How Are Cybercriminals Abusing Google Docs to Exploit Users?
These phishing emails come from a hacked automated email account. It has privileged access to CIM Finance, a well-known finance service provider. Hackers knew that having access to CIM Finance’s account will allow them to bypass all email protection checks. So they decided to attempt it on a much larger scale.
Once the malicious actors accessed their website, they used it to send a large number of fraudulent emails. They looked as notifications from the IT department, notifying users that their Office 365 license has expired and urging to renew it. Before that, hackers had set up a fake Microsoft form hosted on Google Forms, with an authentic SSL certificate.
It tricked users into thinking that they’re actually accessing Microsoft’s official page. And it resulted in them entering their login credentials. Little did they know that their account details are going somewhere else entirely.
How to Recognize These Phishing Efforts?
Hackers are quite detailed in their efforts to trick users. But there are still a couple of giveaways that you should be aware of. For one, they capitalize half of the words without any logical explanation or reason. Then, they also replace some letters with asterisks. And finally, when you enter your login credentials on these fraudulent pages, usernames and passwords appear in plain text. A reputable company would never allow it.
Moreover, Scamicide has reported another way that hackers use to exploit Google Docs. Victims would receive an email that says something along the lines of “John Doe sent you a document via Google Docs.” Once the users open the link, the culprits gain access to all their emails and contact lists.
You can recognize this by checking the sender’s email address or by checking the name of the person who had allegedly sent the document.
How to Protect Yourself from Phishing?
Phishing has become one of the most popular ways of stealing user data. Everyone should educate themselves on warning signs and implement other security measures. Here are some suggestions:
Browse securely with SSL/HTTPS:-
“You can install an SSL certificate like Comodo PositiveSSL Wildcard on the website to secure sensitive information online, such as credit card or banking details. Before visiting any website you should check that website is secured by SSL Certificate or not. In your web Browser address bar you can check padlock symbol for security. This padlock symbol can show that your established connections are secured.”
Don’t Open Suspicious Emails and Links
If you see an email from a company or a service that requests your login credentials or tries to forward you to another page, don’t open it nor click it. Always check the sender’s email address first and never download anything before checking. Or go to their website directly to see if there are any messages for you,
Use Antivirus and VPN Software
Antivirus software can protect you from phishing attempts by scanning, recognizing, or terminating connection from suspicious websites. Meanwhile, VPNs encrypt your traffic, which deems it unusable to hackers. Some VPN providers, such as NordVPN, also come with CyberSec features that block access to known phishing sites. And they also have lots of privacy-related perks, but that’s a different story.
Use Two-Factor Authentication
It is useful because, even if the user had fallen victim to a phishing attack, the hacker wouldn’t be able to access their account. They would need a second step to do it, for example, one-time pin code from an app or email.
Employ a Sender Policy Framework
Sender Policy Framework is an email authentication tool designed to detect and block fraudulent emails. It is useful for large companies, where the number one cause of data breaches is human error.
User vigilance and education on potential threats and risks are also vital for ensuring a risk-free online environment. The digital world is full of dangers and malicious actors who want to gain profit by exploiting companies and individuals.
Your sensitive information has a massive value on the dark market, so hackers keep coming up with new ways of how to steal it. Prevention and diligence are the most important aspects of maintaining one’s online safety.
