Hackers use Google Docs for attacks

At the end of December, a new wave of phishing attacks was identified, mainly targeting Outlook users. The security researchers found out that attackers abuse the "comment" function of Google Docs to distribute malicious links via a phishing campaign.

Phishing-Angriffe
©depositphotos

Security researchers at Avenan, a Checkpoint company, observed a massive new wave of hackers exploiting the commenting feature of Google Doc applications in December. In October, Avenan first discovered that the commenting feature of Google Docs, Sheets and Slides could be exploited to send spam emails. Accordingly, the known vulnerability has not yet been closed by Google.

The attackers target Google Docs and Spreadsheets users by adding a comment to documents mentioning specific users with an "@", which automatically sends emails to the users' Outlook inboxes. The mail sent via Google can then contain both text and malicious links. So far, the attackers have primarily targeted Outlook users over 100 different Gmail accounts. Since the mails are delivered directly via Google, they are usually not detected by antivirus programs and firewalls.

Jeremy Fuchs, Cybersecurity Researcher/Analyst at Avenan, advises users to contact the legitimate sender and confirm the validity of the message if they are unsure. Avenan also recommends users check any email addresses in comments to make sure they are legitimate before clicking on a Google Docs comment.

Source: alltechnews.com

(Visited 87 times, 1 visits today)
h2> More articles on the topic

SECURITY NEWS

Bleiben Sie informiert über aktuelle Sicherheitsthemen – praxisnah und zuverlässig. Erhalten Sie exklusive Inhalte direkt in Ihren Posteingang. Verpassen Sie keine Updates.

Jetzt anmelden!
anmelden
You can unsubscribe at any time!
close-link