Hackers Exploit Google Docs For Phishing Attacks

Share post:

Attackers are abusing the comment feature in Google Docs to spread malicious emails.

The comment feature helps people collaborate on the same documents. Attackers add a comment to a Google document and then mention the target by typing the @ icon followed by an email address.

The full comment contains a malicious link that can cause a malicious infection once activated.

The phishing attack was discovered by Avanan in December 2021 and targeted more than 500 mailboxes in 30 different organizations.

The attackers used more than 100 Gmail accounts to carry out their nefarious activities. Microsoft Outlook users and recipients of other email platforms have been on the receiving end of the attack.

To protect users from this phishing campaign, Avanan gave them tips to follow, including cross-referencing email addresses before clicking on them, checking links and looking for grammatical errors.

Others involve contacting the actual sender for confirmation and ensuring that users and their organizations have strong security protections.

For more information, read the original story in TechRepublic.

Featured Tech Jobs


Related articles

Cyber Security Today, April 12, 2024 – A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more

A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more. Welcome to Cyber Security Today. It’s Friday April 12th, 2024. I’m Howard Solomon. Organizations that use products from business analytics provider Sisense [SI-SENSE] are being told to reset user login credentials and digital keys. The warning comes from the

LinkedIn introduces verification for recruiters to combat scams

LinkedIn announced today the launch of a new verification process for job recruiters, a move aimed at curtailing...

Cyber Security Today, Week in Review for week ending Friday, April 5, 2024

This episode features a discussion on a highly critical report on the hacking of Microsoft Exchange Online email accounts, a case study of a ransomware attack and the discovery of a years-long infiltration of an open source group to insert a backdoor

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways