Security Researchers Warn Of Massive Malware Campaign Aimed At Google Docs Users

Google Docs pretty much revolutionized online collaboration when it came about. Instead of having to install clunky network software packages, or worse, use awkward remote desktop features, you could simply send your coworker or collaborator a web link and the two of you could work on a document simultaneously in your browsers. Google's application package certainly wasn't the first (or last) collaborative-editing software, nor even the first to work this way, but it was by far the most accessible given its price: free!

We're speaking in the past tense because we're talking about Google Docs' public release back in 2012, but it's not as if the application suite has become less popular. Thousands of businesses and millions of individuals rely on Google Docs. Naturally, that makes it even more of a massive, delicious target for bad actors than it already was, and Avanan (a security company under the Check Point umbrella) is warning of exactly such a danger.

The specific exploit in this case is pretty simple, and it makes use of features built into Google Docs intended to speed collaboration. Hackers open a public Google document and then add a comment, mentioning someone with an @. This automatically sends an e-mail to that person's inbox that comes from Google itself and contains the full text of the comment, including dangerous phishing or malware links. To make matters worse, the e-mail address of the commenter isn't shown; only the name is included, which makes this feature perfect for impersonation attacks.

An example of an attack e-mail. Image: Avanan

Avanan says it has seen the attack primarily target Outlook users, although it could be used against any e-mail address that is used to log in to a Google account. The security firm says that the hackers it observed attempting this exploit used over 100 different Gmail accounts to create the fishy comments, likely knowing that the entire account would be creamed once Google got wind of its misdeeds.

Because the e-mail comes directly from Google and directly to a specific user, and because the e-mail doesn't contain any e-mail addresses, this specific exploit punches right through most spam filters and content blockers. That makes it an easy way for bad actors to reach into corporate infrastructures that make use of Google Docs. Avanan says it notified Google of the problem on January 3rd.

To deal with these kinds of attacks, you simply need to follow anti-phishing best practices. Don't click on any links in Google Docs comments, or in the e-mails from Google Docs. As Avanan says, remind your users to practice good "cyber-hygiene, including scrutinizing links and inspecting grammar." Finally, if they're not sure, tell them to contact the legitimate sender and ask whether they intended to share that document.
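For mail administrators, the link scrutiny described above can be automated for comment notifications specifically. The following is an added example, not code from Avanan or Google: it treats the commenter name as unverified, extracts links from the comment text, and flags any that leave an allowlist. The notification sender address, the allowlist, the `corp.example` domain and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumptions for this sketch, not taken from the article:
NOTIFY_SENDER = "comments-noreply@docs.google.com"  # assumed notification address
ALLOWED_SUFFIXES = ("google.com", "corp.example")   # hypothetical link allowlist
URL_RE = re.compile(r"https?://[^\s<>\"')\[\]]+", re.I)

def host_allowed(host):
    """True if host equals an allowlisted domain or is a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in ALLOWED_SUFFIXES)

def triage_comment_mail(raw, staff_names):
    """Return None for unrelated mail, else findings for a comment notification."""
    msg = message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    if addr.lower() != NOTIFY_SENDER:
        return None
    # Only a display name is shown; drop a trailing "(Google Docs)"-style suffix.
    name = re.sub(r"\s*\([^)]*\)\s*$", "", display).strip()
    part = msg.get_body(preferencelist=("plain", "html"))
    text = part.get_content() if part is not None else ""
    links = sorted(set(URL_RE.findall(text)))
    external = [u for u in links if not host_allowed(urlsplit(u).hostname)]
    return {
        "claimed_name": name,
        # A match proves nothing about who wrote the comment: it marks a name
        # worth impersonating, so pair it with the link finding when alerting.
        "name_matches_staff": name.lower() in {n.lower() for n in staff_names},
        "external_links": external,
        "quarantine": bool(external),
    }

# Constructed sample message (not a captured e-mail).
SAMPLE = """\
From: "Dana Reyes (Google Docs)" <comments-noreply@docs.google.com>
To: victim@corp.example
Subject: Dana Reyes mentioned you in a comment
Content-Type: text/plain; charset="utf-8"

@victim@corp.example please review the invoice: http://login.phish.test/doc
Open: https://docs.google.com/document/d/PLACEHOLDER/edit
"""

if __name__ == "__main__":
    print(triage_comment_mail(SAMPLE, ["Dana Reyes"]))
```

Because the message itself is genuinely sent by Google, sender reputation and authentication results cannot separate these notifications from benign ones; the comment's links and the unverified name are the only signals the check has to work with.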