Google Docs is the latest tool cybercriminals are using to carry out phishing attacks in an attempt to steal sensitive data from victims. The security company Avanan discovered the trick and, on Thursday (17), explained how the scam works.
According to analysts, cybercriminals are using features in Google’s suite of applications to create and share links that redirect to fake websites. After coding a page with the same layout as Docs and hiding the link on it, they use their own tool to render it.
With the “Publish to the web” function, cybercriminals generate a link that looks identical to any genuine one used to share files. In this way, attackers are able to bypass the security features of email services, which are designed to detect suspicious web addresses.
The next step is to email the disguised link, which sits on a real domain, to the victim; it will not be detected as a threat. Upon opening the message and clicking on the suggested link to download a supposed document, the user is taken to a malicious website, similar to the Google login page, where their access credentials are then collected.
According to the security company, attacks similar to this one have already been identified on services such as FlipSnack, MailGun and Movable Ink. But this is the first time they have detected the scam in a larger tool like Google Docs.
To avoid such fraud, the best tip is to check the sender’s email carefully, keeping an eye out for possible abnormalities, in addition to not clicking on links sent by strangers. For companies, the suggestion is to invest in new layers of security to identify unusual activities.
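Because the link sits on a genuine Google domain, a reputation check on the address alone will pass it; a filter has to look at the kind of link and at who sent it. The sketch below is an added example, not code from Avanan or Google: it assumes published-to-web links follow the `docs.google.com/<app>/d/e/<id>/pub` pattern, and the messages, domains and document IDs are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: published-to-web links look like docs.google.com/<app>/d/e/<id>/pub
PUBLISHED_PATH = re.compile(r"^/(document|spreadsheets|presentation)/d/e/[^/]+/pub(html)?$")
URL_RE = re.compile(r"https?://[^\s\"'<>]+")

def published_docs_links(text):
    """Return URLs in text that point at a published-to-web Google Docs page."""
    hits = []
    for raw in URL_RE.findall(text):
        url = raw.rstrip(".,);")  # drop trailing sentence punctuation
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        if host == "docs.google.com" and PUBLISHED_PATH.match(parts.path):
            hits.append(url)
    return hits

def review_message(raw_message, internal_domains):
    """Flag a message when an external sender includes a published Docs link."""
    msg = message_from_string(raw_message)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    external = sender.rpartition("@")[2] not in internal_domains
    body = ""
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            payload = part.get_payload(decode=True) or b""
            body += payload.decode(part.get_content_charset() or "utf-8", "replace")
    links = published_docs_links(body)
    return {"sender": sender, "external": external, "links": links,
            "flag": external and bool(links)}

# Constructed sample messages (addresses, domains and document IDs are made up).
EXTERNAL_PUBLISHED = """From: "Shared Files" <notify@mailer.example>
Subject: Document shared with you

Download your document: https://docs.google.com/document/d/e/2PACX-CONSTRUCTED/pub
"""
INTERNAL_EDIT = """From: colleague@corp.example
Subject: Draft

Draft is here: https://docs.google.com/document/d/CONSTRUCTED-ID/edit
"""

if __name__ == "__main__":
    for sample in (EXTERNAL_PUBLISHED, INTERNAL_EDIT):
        print(review_message(sample, {"corp.example"}))
```

A flag here is a reason to queue the message for review or add a banner, not proof of phishing, since published documents also have legitimate uses.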
Google, which is responsible for the app suite, has not yet commented on the case.