Experts told about a new type of phishing using comments in Google Docs


Gmail remains an incredibly popular email service for businesses of any size. Almost 92% of startups and 60% of medium-sized businesses use the Gmail mail service. However, it does not provide complete protection against phishing attacks.

Specialists of Avanan, acquired by Check Point Software, told the details of the exploit associated with comments in Google Docs. The attack occurs when an attacker adds a comment to a Google document (or any part of Google Workspace). The victim is mentioned in the comment with the prefix @. In this case, the email is automatically sent to the person’s mailbox.

This email includes a full comment, including incorrect links and text. In addition, the email address is not displayed in the email, only the name of the attacker, making the attack less suspicious.

Start a discussion …
Source link