Massive Phishing Campaign Mimics Google Docs

[Schtask]

Gmail users were hit by a massive and interesting phishing campaign today. What makes this phishing campaign unique is that it was coupled with a dummy app that mimics Google Docs. If opened, the user would be redirected to a real Google account page that asks them to give Gmail access to the malicious application. Keep in mind that this application was coded using Google's own Application Development Platform. Luckily, Google has already disabled thousands of compromised accounts and has removed the offending application. Unluckily, this attack has already been replicated by security researchers using a slightly different naming convention. Nothing is safe.

 

[Quartz-1]

Oh good.

 

[CubanLegend]

I work as the computer tech for a school in a very large school district in FL... and this hit our entire District's Gmail network as well. I saw it coming in wednesday at like 2:30pm EST before my clock-out... and I immediately shot an email out to all the staff at my school warning them about it, before our district's IT Service Desk could even send out a mass warning of their own.

And even with my warning, and them being trained to be cautious of unknown emails (as they go through mandatory IT Security Awareness training every year)... I had a few staff actually give access to this "Google Docs" app... :/

It's like, if you were trained, and I sent out a warning, and the email was suspicious, and you still clicked "allow access" to a third-party app from an unexpected email... you deserve to have your account compromised. >_>

 

[vegeta535]

I work as the computer tech for a school in a very large school district in FL... and this hit our entire District's Gmail network as well. I saw it coming in wednesday at like 2:30pm EST before my clock-out... and I immediately shot an email out to all the staff at my school warning them about it, before our district's IT Service Desk could even send out a mass warning of their own.

And even with my warning, and them being trained to be cautious of unknown emails (as they go through mandatory IT Security Awareness training every year)... I had a few staff actually give access to this "Google Docs" app... :/

It's like, if you were trained, and I sent out a warning, and the email was suspicious, and you still clicked "allow access" to a third-party app from an unexpected email... you deserve to have your account compromised. >_>

Cause someone was forced to take a training class doesn't mean they payed attention. From my experience doing safety training you see a great deal of the people just spacing out. I had a guy that would fall asleep 2 minutes in of the training. I wake him up and tell him he needs to pay attention and he says sorry. I doesn't take more then 5 minutes to hear snoring from him again.

 

[Schtask]

I work as the computer tech for a school in a very large school district in FL... and this hit our entire District's Gmail network as well. I saw it coming in wednesday at like 2:30pm EST before my clock-out... and I immediately shot an email out to all the staff at my school warning them about it, before our district's IT Service Desk could even send out a mass warning of their own.

And even with my warning, and them being trained to be cautious of unknown emails (as they go through mandatory IT Security Awareness training every year)... I had a few staff actually give access to this "Google Docs" app... :/

It's like, if you were trained, and I sent out a warning, and the email was suspicious, and you still clicked "allow access" to a third-party app from an unexpected email... you deserve to have your account compromised. >_>

I have seen people click links in phishing mails with the title : "This is a phishing attempt". Nothing surprises me when it comes to humans and stupid.

 

[MarkVI]

My boss fell for this. It's amazing the things people will click on... I thought it was really obvious that it was malicious when I saw it.