Once you log in through the fake page, you’ll even be taken to an actual Google Doc. Clicking on that link grants permission to a bogus third-party app to possibly access your credentials. You may never even know they’ve been swiped.
Google is aware of the issue and is investigating it. The company encouraged users to report the email as phishing within Gmail. The attack seemed to be more advanced than standard email phishing scams because it doesn’t simply take users to a bogus Google page to collect a password, but instead is working within Google’s system with a third-party web app that has a deceptive name.
Phishing scams typically involve emails, ads or websites that appear to be real and ask for personal information, such as usernames, passwords, social security numbers, back account data or birthdays. It is more important than ever to not click on malicious links, as the scammers have become ever more sophisticated, but how can you tell the good ones from the bad ones?
TIP: If it seems too good to be true then it probably is too good to be true!
We have helped several of our customers recover from this attack by putting Vorsite’s Cyber Security for Office 365 in place, which enables spam protection, anti-phishing protection, and malware protection for attachments and links. It is important every employee is aware about the importance of cybersecurity, and are provided the tools and resources needed to stay safe online.
Want to reduce the risk of your data falling into the hands of cyber criminals? Feel free to reach out to Vorsite for more information regarding our approach in reducing the risk of cybercrime for your business, hblack@vorsite.com or (206) 781-1797.
View our Cyber Security for Office 365 On-Demand Webinar for more information about cyber-attacks and how to prevent employees from falling victim.