Beware, spammers using Google Docs in email attack
In times of constant and growing threats for individuals and governments, from online hackers, a new type of attack which uses a popular Google tool has emerged.
In India, where there is a growing push from the government towards digitization of all transactions as part of Digital India scheme, the level of such a threat and its repercussions can be even higher. As details like passwords, personal information are being stored in users accounts and computers, such an attack can leave users vulnerable to data and identity theft.
Alphabet Inc, the parent company of Google, has warned users that all Gmail/Google users are vulnerable to the latest mode of attack. It also warned its users to be careful of emails being sent, which look as if they are from known contacts, asking them to click on what appears to be a Google Docs hyperlink.
The warning came after a large number of people complained on social media that their accounts
had been hacked.
A novel approach to phising was applied by the attackers. They used a technique of hacking where users were tricked into giving sensitive information, by gaining access to their accounts without having to hack their passwords. They achieved it by getting an already logged-in user to grant access to a malicious application posing as Google Docs.
While Google has said that it had taken steps to protect users from the attacks by disabling offending accounts and removing malicious pages, there are steps that users should take to try to protect themselves.
These include steps like being careful not to press on, or just deleting, mails appearing to be from known contacts but having an unknown address. The users have to carefully check these details before clicking on them as this could lead to malicious software getting downloaded.
Another step that users can take is choosing multifactor authentication, similar to what banking services , social media accounts offer, which is considered the most basic way to protect your accounts. This method sends a one-time-password to the registered mobile number to protect from an unauthorized user access.
And in case that users have already clicked on such a link and given access to their Google docs, this should be immediately revoked through the permission link available in the account settings. Also, simple steps like changing passwords and using words which are not in the dictionary, as attackers use a program which tries all the words in the dictionary to find the password, and reporting of such attacks by clicking on "Report Phishing" option available should be taken.
OneIndia News
-
India vs New Zealand T20 World Cup 2026 Final: Five Positive Signs Favouring India Before Title Clash -
IND vs NZ Final Live: When and Where to Watch India vs New Zealand T20 World Cup 2026 Title Clash -
Ind vs NZ T20 World Cup 2026: New Zealand Needs 256 Runs To Beat India And Win The World Cup -
UAE Attacks Iran, Becomes 5th Nation To Enter War; Reports Suggest Strike On Iranian Facility -
ICC T20 World Cup 2026 Final: Ricky Martin, Falguni Pathak To Perform At Closing Ceremony, How To Watch -
Who Is Nishant Kumar: Education, Personal Life and Possible Political Role -
IND vs NZ T20 WC Final: New Zealand Win Toss, Opt To Chase; Why Batting First Could Be A Tough Call For India -
Gold Rate Today 8 March 2026: IBJA Issues Fresh Gold Rates; Tanishq, Malabar, Kalyan, Joyalukkas Prices -
From Kerala Boy To World Cup Hero: Sanju Samson’s 89-Run Blitz, His Birth, Religion, Wife And Inspiring Story -
Hyderabad Gold Silver Rate Today, 8 March, 2026: Latest Gold Prices And Silver Rate In Nizam City -
Panauti Stadium? Is Narendra Modi Stadium an Unlucky Venue for India National Cricket Team? -
Storm Over West Bengal Govt's 'Snub' To President Droupadi Murmu
Click it and Unblock the Notifications
Sign in with Google