Google’s Phishing Attack: Massive Threat to GMail Users

05.04.2017

Are you a GMail user? Odds are most people use GMail at some point during their day. Whether it’s to utilize the Google Drive, Google Photos, YouTube, or GMail, you have a Google Account. There is a very sophisticated Phishing attack going around targeting GMail users. What is a phishing attack?Simply put a phishing attack is a malicious attempt to entice a user to open or download an infected file. The infected file will launch a virus on to the user’s computer that captures sensitive personal information or, worse, holds your files ransom.

What makes this particular phishing attack so sophisticated is that the messages look legitimate. They come from GMail senders with real profiles; a profile image even appears in the sender information. The Google Doc appears to be a real link. The link it takes you to is branded in full Google colors and font. From all accounts it appears to be a valid Google Doc email. Check out what it looks like below:

Gmail Phishing

But it is far from legitimate. The permissions this phishing attack is asking for grants them access to your ENTIRE GMail account. This means all your contacts, personal information, photos, and more. Once you click on the link, the virus begins sending phishing emails to your entire email contact list. This phishing attack is spreading fast and many people have already fallen for it. Google has pushed through security updates and shut down many of the sender accounts, but it’s still a real threat.

So… what can you do to protect yourself?

  1. Never Open An Attachment / Link From Someone You Don’t Know
    Even though these latest threatening emails appear to from legitimate senders, if you do not know the name, do not open or click on any attachment. If you receive an attachment or link from someone you do know, reach out to the sender personal to validate their attachment. No matter how official something looks, it’s always safe to double check.
  2. Back-up, Back-up, and Back-up Your Data
    If disaster should strike and you do get attacked, make sure you have a secure back up of your data. Should your data become compromised, having a back-up can save weeks of time restoring your information. There are many services, like Axcient, that safely and automatically back-up your data every day so you don’t have to remember or worry about it. That way if you become compromised, someone like Datasmith can get you up and running again in minutes.
  3. Anti Virus and Firewall
    Your first line of digital defense is your anti-virus and firewall. If these two pieces aren’t up to date, you are defenseless against an outside threat. If you’ve been ignoring those anti-virus pop up windows or aren’t quite sure what a firewall is, contact Datasmith immediately to protect yourself.
  4. Hosted Exchange
    Hosted Exchange is a service where a provider makes a Microsoft e-mail box and space available on a server so its clients can host their data on the server. The provider manages the hosted data of its clients on the server. This provider maintains all security and protection necessary to keep your emails safe.
  5. Office 365
    Office 365 is Microsoft’s Software As A Service solution for it’s Microsoft Office Products. You utilize Microsoft’s servers to access their various software from any device connected to the internet. This also provides an added layer of security to your email and files. Not to mention employees like being able to access their files and emails from anywhere.

As technology advances, so will the threats against us. This phishing attack is the first of many sophisticated threats. Contact Datasmith to ensure your business is protected digitally. With the right tools you never have to worry about a virus shutting your business down.

Share