latrates.blogg.se

Phone google drive spam
Phone google drive spam








“If you're not sure if someone sent you a file or link," she explained by email, "pick up the phone and ask, especially at work.” If you are not expecting one with a file or a link in it, don't click on it-even if it comes from someone you know.

phone google drive spam

Limor Kessem, executive security adviser for IBM Security, says you need to be wary of all emails. People and businesses on that list are more likely to be hit by spam and future phishing attacks. Google has purged the fake applications and other malicious content from its system.īut there's nothing you can do about the fact that your contact list is now in the hands of hackers. If you fell victim to the phishing attack, you don't need to do anything with your Google account, including changing your password.

#Phone google drive spam password

“Using multi-factor authentication and the best password in the world doesn't help," he adds, "because you’re logged into Google and you’ve given permission to use your account.” The scam worked much the same way as the fake apps that once plagued the app stores of Google and Apple, says Cottrell, except that those scams used permission requests to steal information from smartphones. In fact, the hackers then used the accounts to send even more emails out to those contacts. They also got access to all of the contacts in the victim’s account. When victims agreed to the request, the hackers could read, delete, and send emails that appeared to be coming directly from the victim's account. The user experience was remarkably similar to the real thing, too. “They just built an app that looks like Google Docs."

phone google drive spam

“There’s almost nothing technical about this,” says Cottrell, who was one of the many people to receive the fake Google Docs invitation. Instead of directing victims to a fake website or a malware-filled attachment, it asked them, through the actual Google authentication process, for a handful of permissions, including total access to their Gmail accounts. This fake app put a new twist on the traditional phishing scheme, says Lance Cottrell, chief scientist at the cybersecurity firm Ntrepid.

phone google drive spam

The email invited the victims to open a Google Doc and, once that happened, they were asked to authorize a “Google Docs” application. According to research done by Talos, the threat intelligence division at the computer network firm Cisco, the emails in yesterday's attack appeared to be authored by a real contact from each victim's address book.








Phone google drive spam