Google Docs phishing scams are on the rise - here's what you need to know

News
By Craig Hale
published

Google Docs scam will fool most threat detection tools

laptop with google suite icons displayed
(Image credit: Shutterstock)

Cybersecurity software company Check Point has identified a worrying new Google Docs phishing scam that is bypassing usual detection measures to get straight into victims’ inboxes.

The researchers refer to the phishing scam as an evolution of BEC (business email compromise) 3.0, or one that maliciously uses legitimate sites to get access to a target’s mailbox.

With so many companies now favoring Google Workspace’s office software, the scam’s potential for reaching workers in especially troubling.

Google Drive phishing scam

Analysts say that all a threat actor needs to do is create a Google Doc. Inside the file, they can place any sort of attack they desire, including phishing links and URLs that redirect to malware

Read more

> These are the best firewall choices to stay safe

> Watch out - that urgent PayPal email could be a phishing scam

> Watch out - that unexpected Microsoft alert could well be a phishing attack

From there, the Doc just needs to be shared with a victim via the typical Google Drive sharing process. Because the email then arrives via a genuine Google email address and domain, and not one that belongs to the scammer, victims are less likely to identify it as an attack.

Furthermore, detection and prevention tools are also more likely to trust emails from genuine services like Google.

Check Point says that this type of BEC attack uses a form of social engineering, leveraging a trusted service provider (in this case, Google) and a trusted process (document sharing).

Google was reportedly informed about the discovery earlier in July, which it says is not a novel attack method, and as such, it already has strong protections to combat these types of tactics. A company spokesperson told TechRadar Pro:

"We have numerous layers of protections that protect our users from this class of attack, such as built-in warnings in Docs, and automatic scans in Drive that block the vast majority of phishing attempts."

In the meantime, CheckPoint advises security professionals to implement new and advanced measures that use artificial intelligence to spot multiple phishing indicators. File scanning software is also a good idea, as is URL protection.

Craig Hale
Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!