[Mail_treas] Update - Google Phishing Attack

Thor Sage sage at mveca.org
Thu May 4 08:03:38 EDT 2017


Good morning!
A quick recap and update on the Google phishing attack:

Here is how the Google phishing attack happened yesterday, and what steps you can take to prevent it in the future.  This was a widespread attack, not just isolated to Ohio or K12 schools.

1)  Users received an email that a Google Doc had been shared with them. Many users recognized the sender, and the email looked relatively legitimate.
2)  The shared document button took users to a real Google login page (at this point users were still safe).
3)  Once logged in, this is where the attack happened.  Users were asked to allow "Google Docs" permission to access their Google account.  So, a malicious person created an application that used Google as a single sign-on, but they named the application "Google Docs" to fool users into thinking it was an actual Google application.
4)  If a user clicked on the Allow button, the fake "Google Docs" application now had access to their Google accounts and could act on their behalf (send the message to everyone in their address book, perform password resets, etc.).

How can I make sure I'm safe, and prevent a similar attack in the future?

1)  Know that Google applications do not need permission to act on your behalf.  If you are logged into Google, you should not need to give any more permission to Google to use services like Google Docs.
2)  We've attached a picture of the permission request that users would have received.  Always look through these carefully before clicking allow.
3)  If you did fall prey to this attack, take a moment to go in and remove access from the Google Docs application.  Go to https://myaccount.google.com > Sign In & Security > Connected Apps.  View the applications that are connected to your account.  Remove the Google Docs app if it's connected.



Thor Sage
Executive Director
Miami Valley Educational Computer Association
937-767-1468  x3101
Not-for-profit Technology Services for Education and Local Governments



-------------- next part --------------
A non-text attachment was scrubbed...
Name: googledocs.png
Type: image/png
Size: 53298 bytes
Desc: googledocs.png
URL: <http://listserv.mveca.org/pipermail/mail_treas/attachments/20170504/153124fe/attachment.png>
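
A follow-up check an administrator could run over a list of third-party app grants after an incident like the one described in this message. This is an added example, not part of the original email: it flags apps whose display name imitates a first-party product and unverified apps holding mail or contacts access. The record field names, client IDs and allowlist are assumptions constructed for illustration, not a real export format.

```python
import unicodedata

# Assumption: product names the organization treats as first-party brands.
PROTECTED_NAMES = ("google docs", "google drive", "gmail")
# Assumption: client IDs the administrator has verified (constructed placeholder).
TRUSTED_CLIENT_IDS = {"trusted-client-0001.example"}
# Scopes that let an app read mail or contacts on the user's behalf.
SENSITIVE_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/contacts",
}

def normalize(name):
    """Fold case, compatibility forms and spacing so look-alike names compare equal."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return " ".join(folded.split())

def review_grant(grant):
    """Return the reasons this grant deserves review (empty list if none)."""
    reasons = []
    name = normalize(grant["app_name"])
    trusted = grant["client_id"] in TRUSTED_CLIENT_IDS
    if not trusted and any(p in name for p in PROTECTED_NAMES):
        reasons.append("name imitates a first-party product")
    if not trusted and SENSITIVE_SCOPES & set(grant["scopes"]):
        reasons.append("unverified app holds mail or contacts access")
    return reasons

def audit(grants):
    """Map (user, client_id) -> reasons for every grant that needs review."""
    findings = {}
    for g in grants:
        reasons = review_grant(g)
        if reasons:
            findings[(g["user"], g["client_id"])] = reasons
    return findings

# Constructed sample records; field names are hypothetical.
SAMPLE_GRANTS = [
    {"user": "a@school.example", "app_name": "Google  Docs",
     "client_id": "unknown-client-9999.example",
     "scopes": ["https://mail.google.com/", "https://www.googleapis.com/auth/contacts"]},
    {"user": "b@school.example", "app_name": "Grade Book Sync",
     "client_id": "trusted-client-0001.example",
     "scopes": ["https://www.googleapis.com/auth/contacts"]},
    {"user": "c@school.example", "app_name": "\uff27oogle Docs",  # fullwidth G
     "client_id": "unknown-client-9999.example", "scopes": ["openid"]},
]

if __name__ == "__main__":
    for key, reasons in audit(SAMPLE_GRANTS).items():
        print(key, reasons)
```

Matching on the client ID rather than the display name is the point: the name is chosen by whoever registers the app, so it cannot be used to establish trust.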

