• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
      • Identity theft
    • Malware
      • Ransomware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
AskCyber Home » News » Cyber Security News » Gmail Phishing Attack Scams Using Google Docs

Gmail Phishing Attack Scams Using Google Docs

2017-05-04 by Michelle Dvorak

Gmail Phishing Attack Scams Using Google Docs

Google’s Gmail email service was targeted in a global phishing scam last night. The email sent out to Gmail users and was an especially crafty version of a typical phishing email. The fraudulent emails appeared to have been sent from someone the recipient already knew. The familiar sender names made it more likely that the email would be opened and thus helping the email scam spread even further and faster.
The email contained a message with an “invitation” from the sender to view a Google Document. Once users clicked on the link, readers were presented with a page of choices of which Google accounts to which they would grant access.

How to Spot the Suspicious email

Although the email appeared to be coming from a friendly name, the actual sending email address was consistently hhhhhhhhhhhhhhhh @ mailinator.com . Another clue was that the recipient (the person being scammed) was listed in the BCC (blank carbon copy) field rather than the recipient’s field [Figure 1].

Figure 1

Although one of our writers did receive the phishing email shown in Figure 1, he was cyber-savvy enough not to click on it! Thanks to Zach Latta, the cyber-attack process was recorded in his video:

@zeynep Just got this as well. Super sophisticated. pic.twitter.com/l6c1ljSFIX

— Zach Latta (@zachlatta) May 3, 2017

After account access was granted via the web page, the Gmail account was then used to spread the cyber-attack further.

What is a Phishing Scam?

A phishing email is any email that intends to steal something, usually personal or financial information, from the recipient. Typically, phishing scams are emails, but the term is sometimes used to describe phone call and websites too. Often an email scam directs users to a fake website that prompts viewers to enter in some personal information such as an account number or password.

When we talk about email, the sending email address is the email sender’s email address including their domain name. Most email clients give us the ability to set an additional display name. In this case, the display name, also known as the friendly name, was altered to contain the name of someone in the recipient’s contact list. For example, support @google.com is an email address or “box” but the friendly name might be customized to show as “Google Support.” With a familiar name as the sender, users were far more likely to open the email.

The May 3 Gmail Phishing scam was an email used with a fraudulent website.

Google responded to the attack almost immediately with posts on social media and one of their websites. {Figure 2] The company stated that only about 1% of its users were hit by the attack. Although .1% seems small, this means that over 1 million people received the email!

Steps to Take if You Are a Target of This Phishing Scam

  1. Be sure to change your password! This is something you should do on a regular basis – scam or not.
  2. Check Your Google and Gmail Security Settings

It is important for everyone to review his or her security settings on a regular basis. Make sure you have at least two account recovery options for your Google accounts. Visit Google’s security checkup center to review your account security and recovery settings. The Google security account check link is https://myaccount.google.com/secureaccount.

Filed Under: Cyber Security News Tagged With: email, hacking, phishing

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

511 Tactical

WHAT TO SHOP NOW

Shop

Safeguard Your Money with a VPN

Beat the Stock Market! - Get Rule Breakers!

Malwarebytes Anti-Virus is On Sale!

Shop Kaspersky Anti-Virus

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Gun Forum Booted by Domain Registrar

Feds Warn of Microsoft Defender Security Bug

New and Noteworthy Security and IT Courses

Classiscam Telegram Phishing Scam Targeting Europeans

Niantic Wins Game Cheat Lawsuit

Categories

Cyber Security News

Gun Forum Booted by Domain Registrar

… [Read More...] about Gun Forum Booted by Domain Registrar

Classiscam Telegram Phishing Scam Targeting Europeans

… [Read More...] about Classiscam Telegram Phishing Scam Targeting Europeans

Niantic Wins Game Cheat Lawsuit

… [Read More...] about Niantic Wins Game Cheat Lawsuit

Reserve Bank of New Zealand Reports Data Breach

… [Read More...] about Reserve Bank of New Zealand Reports Data Breach

More Cyber Security News

Tags

amazon Android Apple bitcoin Career China chrome CISA credit card Cyber Attack Cyber security Data Breach data privacy DHS Equifax Facebook FBI Firefox FTC games GDPR Google Government hack hacker identity theft iPhone Iran IRS malware Microsoft North Korea PayPal phishing phishing email ransomware Russia scam smartphone TikTok tutorial VPN web browser WhatsApp WiFi

Government

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

Texas DOT Hit by Ransomware Attack

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • News
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2021 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version