Google has explained its plans for preventing large-scale phishing attacks in the future, so that there is no repetition of recent attacks on user emails.
The massive attacks were disconcerting and worrying to users, but Google is trying to set the user’s mind at ease.
Google plans to prevent future phishing attacks by increased tightening of policies on authentication by third parties. The earlier massive attacks pushed the user towards a fake application with a Google sign in. In addition, Google is also enhancing the features of filtering spam for targeting campaigns in the Doc style. It is also going into close monitoring of apps that request the user for any data.
Anti Phishing Strategies
Google already has several strategies for combating phishing, namely detection based on machine learning and Safe Browsing. It also includes scanning of email attachments and additional security measures involved for scrutinizing suspicious logins.
Comfort in Numbers
According to Google, the attack on 3rd May did not create much havoc. Only 0.1% of the users or less had been affected by the phishing attack, which seems to be comforting. However, the attack was massive and was spread globally for the one hour that it took place. In addition, even 1% of Google users mean a very big number. It is good to see that Google has stepped up its anti phishing strategy, so it implies that we may not see another massive mess at least in the near future.
Raising the Flag
The phishing attack of Google Docs had entered thousands of inboxes of users of Gmail earlier on this week. The attack had made use of a threat that was flagged by a few security researchers earlier on. In fact, one of the researchers had raised a flag regarding a threat as far back as in October 2011. It is also rumored that the people behind the phishing attacks have copied the strategy from concepts that were posted by a security researcher in GitHub some months back this year.
Google implements the permissions for its apps based on the standard used by several other web app providers. However, the implementation is too simple and unsuspecting victims can easily be fooled into giving away their email access, access to storage, cloud and other Google accounts. The phishing attackers made use of domains that were similar to Google’s in many ways. For instance, the hackers’ sites made use of an Apps Script that used the authentication system of Google to work against itself.
The phishing attacks were made using a malicious web app called Google Docs. It was delivered to the victims’ email with HTML messages that were similar to genuine Google Docs request, so users unsuspectingly offered the requested permissions without thinking twice. Such type of shortcomings had already been vulnerable to attacks by malicious mails used earlier. In response, Google had shut down the access of the malicious app to the customer, but the threat continued to exist. This is because all that was needed was to configure yet another app using Google’s authentic API for a fresh attack.