The cybersecurity company Avanan has reportedly detected a massive phishing campaign, under way since December, in which unknown attackers deliver malicious links by leaving comments on Google Docs documents.
The attack pattern is relatively simple. Attackers create a document on the Google Docs platform and add a comment that uses the mention markup: the “@” symbol and the username of the potential victim. The potential victim then receives an email notification from Google containing the full text of the comment, including the malicious link. The technique is very useful to attackers because Google is listed as the sender of the phishing email and the attacker’s address is not shown, which makes identification difficult.
According to Avanan, such a scheme seems quite dangerous. Because the emails come directly from Google, filtering systems do not react to them, and because the notification shows only the attacker’s name rather than their email address, it is easier for the attacker to pose as someone the recipient knows.
The usual security precautions apply to such attacks: be careful with any link you are asked to follow, even if it appears to have been sent by someone you know. It is also recommended to read the text that accompanies such a link. The abuse of Google Docs’ commenting system makes this task a little more difficult, but not impossible. Avanan also said it has notified Google of the problem.
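Because the sender of these notifications is Google itself, a check has to look at the links in the comment text rather than at the sender. The following is an added example, not code from Avanan or Google. It flags links in a Google-sent notification that lead outside Google's domains. The sample message, the sender address and the domain allowlist are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumptions: notifications come from a google.com address, and a genuine
# comment notification only needs to link back to Google-hosted pages.
NOTIFIER_DOMAIN = "google.com"
TRUSTED_LINK_DOMAINS = ("google.com",)
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

# Constructed sample: only a display name identifies the commenter.
SAMPLE = """\
From: "Alex Example (Google Docs)" <comments-noreply@docs.google.com>
To: victim@example.org
Subject: Alex Example mentioned you in a comment
Content-Type: text/plain; charset="utf-8"

Alex Example mentioned you in a comment:
@victim@example.org please review the invoice at http://payments.example.net/login
Open: https://docs.google.com/document/d/CONSTRUCTED_ID/edit
"""

def in_domain(host, domains):
    """True if host equals one of the domains or is a subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def untrusted_links(raw_message):
    """Return links in a Google-sent notification that leave Google's domains."""
    msg = message_from_string(raw_message)
    sender = parseaddr(msg.get("From", ""))[1]
    if not in_domain(sender.rpartition("@")[2], (NOTIFIER_DOMAIN,)):
        return []  # not a Google notification; ordinary sender filtering applies
    texts = []
    for part in msg.walk():
        if part.get_content_type() in ("text/plain", "text/html"):
            raw = part.get_payload(decode=True) or b""
            texts.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    found = []
    for url in URL_RE.findall("\n".join(texts)):
        url = url.rstrip(".,;")
        if not in_domain(urlsplit(url).hostname, TRUSTED_LINK_DOMAINS) and url not in found:
            found.append(url)
    return found

if __name__ == "__main__":
    print(untrusted_links(SAMPLE))
```

The check covers only links that leave the allowlisted domains, so it supplements the reader's own scrutiny of the comment text rather than replacing it.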