Cybersecurity software company Check Point has identified a worrying new Google Docs phishing scam that is bypassing usual detection measures to get straight into victims’ inboxes.
The researchers refer to the phishing scam as an evolution of BEC (business email compromise) 3.0, or one that maliciously uses legitimate sites to get access to a target’s mailbox.
With so many companies now favoring Google Workspace’s office software, the scam’s potential for reaching workers in especially troubling.
Google Drive phishing scam
Analysts say that all a threat actor needs to do is create a Google Doc. Inside the file, they can place any sort of attack they desire, including phishing links and URLs that redirect to malware.
From there, the Doc just needs to be shared with a victim via the typical Google Drive sharing process. Because the email then arrives via a genuine Google email address and domain, and not one that belongs to the scammer, victims are less likely to identify it as an attack.
Furthermore, detection and prevention tools are also more likely to trust emails from genuine services like Google.
Check Point says that this type of BEC attack uses a form of social engineering, leveraging a trusted service provider (in this case, Google) and a trusted process (document sharing).
Google was reportedly informed about the discovery earlier in July, which it says is not a novel attack method, and as such, it already has strong protections to combat these types of tactics. A company spokesperson told TechRadar Pro:
“We have numerous layers of protections that protect our users from this class of attack, such as built-in warnings in Docs, and automatic scans in Drive that block the vast majority of phishing attempts.”
In the meantime, CheckPoint advises security professionals to implement new and advanced measures that use artificial intelligence to spot multiple phishing indicators. File scanning software is also a good idea, as is URL protection.
- Think you’ve been compromised? Check out the best identity theft protection
Note: This article have been indexed to our site. We do not claim legitimacy, ownership or copyright of any of the content above. To see the article at original source Click Here
Apple Barrel Acrylic Paint in Assorted Colors (2 Ounce), 20504 Black
$0.58 (as of March 12, 2025 20:22 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Alpha Grillers Meat Thermometer Digital - Instant Read Food Thermometer for Cooking Grilling Air Fryer Griddle Probe Kitchen Gadgets Essentials BBQ Accessories Grill Gifts for Men Him Dad Fathers Day
$14.82 (as of March 12, 2025 20:22 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Milk-Bone Peanut Buttery Bites Soft Dog Treats with Jif Peanut Butter, 11.8 Ounce Bag
$9.98 (as of March 12, 2025 19:46 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Kukka Tea Tree Oil for Skin, Hair & Toenails - 4 Fl Oz - 100% Pure Natural Tea Tree Essential Oil Made from Australian Melaleuca for Potency - Used in General Wellness, Aromatherapy & DIY Soap Making
$9.99 (as of March 12, 2025 20:22 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
