It is unclear who is behind the attack but Google said that it took steps steps to counter the attack.
Google docs usually has the Google doc symbol when someone shares a doc with you – this one didn’t.” “At first sight it was good enough to fool me,” Cantillo said. One way to confirm that the email was malicious is that the email was addressed to “ ” Another way to tell, according to some who got the phish, is by the layout. “Luckily I was on mobile and the Google Doc thing couldn’t correctly open for me.”īut the phishers did not pull off the perfect scam, leaving several indicators that the “Google Docs” notification was not legitimate. “The funny part is that I was actually expecting an email from the person who didn’t realize they were phish-emailing me, so when I opened it I was not expecting it to be at all” Samuel Cantillo ’19 said. Updates to this alert will be forthcoming.” “Users who have clicked the link in an email should change their NetID password. “Cornell has taken steps to block the malicious websites,” the alert said. The hack does not only affect Gmail accounts, but any accounts that use Google’s email service, such as Cornell’s Cmail.Ĭornell IT posted a security alert about the phish at 3:51 p.m. The app can also send emails from the impacted account, making it appear that subsequent emails are from that person. The email contained a convincing invitation to view a “Google Docs” file, with the subject line reading, “_ has shared a document on Google Docs with you,” and the body reading “_ has invited you to view the following document,” similar to an email from an actual invite.īy clicking on the link, users give permission for a malicious app to connect to their Gmail accounts and to access their personal information. The emails arrived in a user’s mailbox from an anonymous sender claiming to be delivered from a familiar contact. A wave of “Google Docs” phishing emails infiltrated the world wide web Wednesday afternoon, affecting internet users at Cornell and beyond.
0 kommentar(er)
