A well-crafted and an intelligent Phishing Attack over the Gmail has taken the world by surprise. The target is the Gmail users. The mail appearance has been well crafted, to entice even the most innocent users. This mail uses the Google Doc Link, and if the access to the Gmail ID has been provided, (as default) then there is no option to even think back once the user ‘clicks’ on the link.
One may find a mail from a known source with a innocent looking Google Doc link, this then takes the user, on click to accessing the Gmail account. Subsequently, on confirmation the user is directed to a tool that spread the hack further by importing the contacts in the Gmail. The mail is in circulation since Wednesday, 03 May 2017.
The perpetrator or the intender is not known. However, it gives access to people’s most personal details and information. The intended damage is also not clear from the modes-operandi.
The fear is also to those corporate or other users who subscribe to mail box solutions like outlook etc. The threat is also of the same magnitude, even if the click has been performed through gmail app, or accessed through the mobile device.
The only way to circumvent the attack is not to click on the “Google Doc” link. If one has clicked on the link, then a user should immediately review the permission granted to the Google Account to access “Google Doc”. Also a user can restrict permission granted to Google Doc, both for access and contact details.