Increase in Google Doc hacks renders gmail vulnerable

0
45
views

There has been an increase in hacking of gmail accounts through google docs. The simple yet effective hacks render your account open to hackers who can access your account and change your account if poor security settings are in play.   Below is a description courtesy of http://blog.onlymyemail.com of two hacks currently making the rounds.

untitled

A current Phishing campaign uses stolen Gmail accounts to steal the credentials to other email accounts, allowing spammers to increase their spam volume day over day.

The most common email circulating now comes with a subject that references the sharing of a file though “Google Docs” and often has a subject line of simply:

Subject:     Important Document

Since the email comes from a previously hijacked account, the recipients will typically recognize the sender’s address which makes it more likely that they will be taken in by this fraud:

 

Google Docs Phishing

Google Docs Phishing

In addition, the email will quite often include the account holders name and signature file (commonly including company name, phone, fax and other personal details) which makes it even more likely those receiving the message will trust it’s content.

In these cases however, the linked words lead to fake login pages that request the reader’s email username and password:

Google Docs Phishing Login

Google Docs Phishing Login

 

While the pretense is that this information is required to access the “Important Document” in fact the form simply provides your submitted login credentials to the spammer, who will then use your account to send more spam, viruses and these same Phishing frauds.

Cleverly, once you submit your personal email address information, the spammer’s form will then redirect you to actual google account pages which conceals from most users the facet that their email account access information has just been stolen.

Another identity theft scam currently circulating claims to come from a “webmail Administrator” and warns that your account is over quota:

Your mailbox has exceeded the limit 2 GB storage is also defined by your
administrator, are 2.30GB running, can not be able to send or receive new
messages until you confirm your mailbox. To re-validate your mailbox. do
click on the link below:

https://docs.google.com/forms/d/1wenmD0sljZ0Cje1_O6UPOdM4PKiFMDH25_HLSPc6Hag/viewform

System Manager
(webmail Administrator)

This email actually does use Google Docs to host a web form used to trick users into providing their email account username and password:

 

Google Docs Webmail Phishing Form

Google Docs Webmail Phishing Form

 

And also provides the user with a reassuring confirmation screen, again for the purpose of making it unlikely the victim will realize the theft that has just occurred:

 

Google Docs Webmail Phishing Confirmation

Google Docs Webmail Phishing Confirmation

 

Interestingly, the examples provided are not too difficult for most good spam filters to detect. Regardless, recipients are still fooled by these emails every day (as evidenced by the volume of already stolen Gmail and other system accounts we see sending these emails).

More importantly, such obvious Phishing Frauds should be even easier for Google’s Gmail and Google Docs systems to detect before they are sent out to the masses in the first place.

The easiest way to get rid of them is to know that google nevers asks you to sign in to view google docs or access any other service on their platform once you have signed into your email.

LEAVE A REPLY

Please enter your comment!
Please enter your name here