Snapping Out of the Cloud Comfort Zone: The Google Docs Phishing Scam

People wised up to email phishing, but scammers hit paydirt with the Google Docs scam. Don’t get too comfortable with the apps you constantly use in the cloud. Learn more about protecting yourself when using these apps on a daily basis.  

Google Phishing Scam

There’s a very strong chance that just this week, you received an email from a sender you know inviting you to open up a file in Google Docs but it turned out to be a fake request. Even after chatter of this scam took Twitter, Reddit, and other social media sites by storm, urging users to ignore the messages and not even long into Google Docs altogether, it raised some questions about phishing schemes. Google disabled Docs for a short while as they worked on eliminating the threat and all is well again, but despite Google’s timely remediation this also raises questions about the apps that we trust and use on a daily basis.

Let’s face it: phishers have had to become more inventive in order to get the information they want.

Most people with a basic sense of tech-savviness are well aware of phishing via email, where a scammer sends a bogus email that is trying to get your log-in credentials as well as sensitive information like your bank account and credit card numbers. Phishing emails have become more sophisticated in recent years, mimicking the domains and trusted users that a real email would come from, but most people are still aware of phishing to the point that they’ll ignore and delete the email if something looks off.

And usually it’s easy to tell when something is off: phishing emails often have spelling errors and email layouts that don’t match official communications from the sender they’re impersonating. Companies like PayPal also warn you about phishing scams directly in emails intended for you so that you can report spoof accounts. This attack however, was widespread and unprecedented. People expect a phisher to try something funny with their PayPal account, but not the group of expense reports your team was working on in Google Docs that you just invited people to.

What makes the Google Docs phishing scam so unique is that the phishers decided to go one step beyond. The Google Docs permissions screen didn’t look obviously fake. The scam worked within Google’s system by taking advantage of the fact that you can easily create a non-Google web app with a sinisterly similar and misleading name. The scam pages looked sophisticated enough that many people in higher-up positions inadvertently clicked on the permission screen, sending more fake Google Docs spam to their entire contact lists and frustrating IT departments nationwide.

It took a while before people realized it was a phishing scam and took to the internet to warn people from all walks of life to just take precautions and not even open anything from Google Docs, despite how familiar they are with the sender.

Snapping Out of Your Comfort Zone in the Cloud

If there’s a teachable moment to be found from this scam that fortunately was resolved quickly, it’s that you can never be too careful. Always carefully examine invites for document-sharing and collaboration to ensure that they are from the domains they are from and a trusted user initiated the invite.

Depending on your workload and how many clients or colleagues you are collaborating with, you’re likely to know in advance if a Google Docs invite is coming your way. But phishers took advantage of people because they know that it’s a common collaboration tool, and people just get comfortable in their accounts without having to do multiple log-ins to access the invite. You need to snap out of this comfort zone and pay attention to keeping your information secure.

Enable 2-factor authentification on your Google accounts and change your password every so often. If your Google Docs or other cloud account gets busy and cluttered, phishers are taking advantage of that so always get verification from your clients, co-workers, and the like if they invited you to view a document.

Phishers will only get even better at what they do, and they’re counting on your complacency. Don’t be a victim!

Fort Lauderdale Computer Networks
Network Services in Fort Lauderdale
Network Consulting in Fort Lauderdale
Fort Lauderdale Data Backup
Data Security Fort Lauderdale
Client Feedback

“LAN Infotech has been an exceptional resource for our organization. They provide consistent knowledgeable network engineers, round the clock monitoring and are invaluable in our IT infrastructure decision-making process. Their level of customer service has been top-notch and exceeds our expectations – we look forward to a continued partnership with LAN Infotech.”

—Janice M. Pennington
Vice-President of Finance & Administration
National Multiple Sclerosis
Society South Florida Chapter
read more»

Featured IT Services Fort Lauderdale Articles

LAN Infotech Recognized as Leading Microsoft Marketing Partner Worldwide

The team of IT specialists from LAN Infotech are thrilled to announce that they have been recognized on Fifty-Five and Five’s Inbound Marketing Excellence Report as one of the top 250 Microsoft mark

Read more

Featured IT Services

IT Consulting Advice for Fort Lauderdale: Taking Care of Your Employees Is Taking Care of Your Business!

Quid Pro Quo An IT consulting firm in Fort Lauderdale will usually advise that you get what you give. This is the core principle which defines most working relationships. The employer gives the em

Read more

Featured IT Services

IT Services Business Advice: Do You Really Need a Management Consultant in Fort Lauderdale?

Eliminate the Middleman IT services in Fort Lauderdale need not cost an arm and a leg to provide services your own organization could source internally. You want a consultation agency willing to he

Read more

Featured IT Services