Google Documents becomes the latest mask for widespread phishing attacks.

Google Documents is one of the most used applications in business for sharing and collecting data from multiple entities. Now, hackers are using sophisticated pages to mirror those of Google Documents log-in screens hoping to trick users into offering up their valuable log in information to not only steal data but increase the reach of the attack to make the impact even more widespread.

Google Docs Creation and Why It’s Prime for Phishing Attacks

Since Google Docs was initially released in 2006 along with a suite of other services, Google Sheets, Google Slides, etc. it’s been able to carve out a noticeable portion of the cloud based services market. As with any new technology, hackers and so called “social engineers” are never far behind the security curve and Google Documents is no different. Since so many people utilize the Google Documents application, it’s prime for simple, yet effecting phishing attempts. With hundreds of thousands of Google Documents being accessed daily, it makes sense that someone would try and harvest information from unknowing users.

Content-wise, here are a few words and phrases that are consistent with present day phishing attacks, think twice if you spot an email containing the following:

 -COVID-19 Vaccine Information

–Unexpected Attachments

 -Inconsistent URLs

 -Action Required: Requests to Update Information

 -Misspellings and Poor Grammar

 W-2 Form Request

 An Email from the “CEO”

 You’ve Won a “Contest”

Besides the potential red flags above, these attacks become harder to spot when you’re viewing a suspicious, potential phishing email or request on your mobile phone or tablet. On a mobile phone or tablet you may not be able to spot the minor details such as details in the email layout, inconsistent fonts, and lack of scanning and security when it comes to attachments.

The typical rundown for Google Documents phishing is as follows; you’re sent some type of link via email that’s consistent with cloned Google Documents verbiage and brand, you’re then prompted to either download the imposter Google Document, at which point you’re led to a site that is created to look Identical to the Google Document log in page requesting you enter your username and password, unknowingly giving access to a cyber-criminal trying to extract information from your company.

How to recognize a potential threat and what companies can do.

There are different levels when it comes to hackers designing a phishing attack or phishing email, the common theme in all of them is to get you to share your log in information unknowingly through imposter pages with some being more sophisticated and detailed than others. When suspicious, always be sure to check the URL – if the URL is not to a Google Doc then it isn’t a valid document. Companies can’t assume everyone on their payroll is savvy enough to spot a potential phishing attack or phishing email. Most people have probably seen some type of phishing email attempt and are suspicious when presented with an email or link that doesn’t seem right, however, we can’t assume that this knowledge or recognition of a potential phishing attack is widespread through a company-base. Employee education is a very large part of protecting against any type of attack that utilizes an artificial link to click or a dummy website made to look exactly like a site you’re looking to access. Regardless of company size, employees should be educated when it comes to recognizing these attacks. These attacks are not incredibly sophisticated, but they can be difficult to spot and it’s just as important to report a potential phishing email or attack as soon as you believe you have identified one. In the event of a suspicious email, if you are uncertain of its legitimacy, it’s best to report it to Google and as well as your IT department, this could potentially stop the spread among your company. It only takes one instance by one employee to potentially compromise an entire system which could be costly or even fatal depending on the size of a business.

How to Protect Against Phishing attacks per the Federal Trade Commission

What could the potential impact be?

Businesses can be impacted on all different levels, typically, bigger businesses that have the budget to bounce back from a larger scale phishing attack will be able to minimize the effects in a relatively short amount of time, therefore, hopefully reducing the impact and spread internally. The case is much different with small businesses, as some businesses don’t have the ability or funds to protect against attacks of this nature, what may seem like a speedbump to one company may be a death sentence to another.

With the growing prevalence of Google Workspace and Microsoft 365, hackers are building campaigns to gain access to these specific platforms and since there’s such an abundance of data being shared, once access is gained there’s little limit to what they will be able to extract.

Not only do employees need to be well versed on recognizing a potential phishing attack but the company itself needs to be aware of how to protect the data on its journey to and from the cloud. We must keep in mind that files aren’t necessarily safer because they’re stored on a cloud as opposed to being stored locally, sometimes due to potentially exposed data pathways, the opposite may be true.

Here at Protected Harbor, we make sure that you’re covered not only from an educational standpoint but from a technological stand point as well. With our in-depth data filtering advantages and an industry leading protection rate from overseas phishing attacks, along with our uniquely effective Application Outage Avoidance, we can offer more effective and nimble protection from even the most advanced phishing attack. Overall, read you emails and messages carefully, if something seems like a phishing attack, it probably is. Make sure you’re taking the steps to notify and report phishing to your IT depart as well as Google if you believe you’re being targeted with phishing or phishing emails. If you even have the slightest doubt about the legitimacy of an email it’s best not to click any links or follow any “instructions” and report it right away. Google is constantly taking steps to make sure you’re safe when using their technology to run your business, especially when it comes to phishing and malware, but at the end of the day it’s always best to trust your instincts on whether an email or site looks suspicious to you. You never want to take a chance on compromising your system and potentially causing a great deal of damage to your company, when in doubt, report suspicious activity right away.