Google Phishing Email Underscores Need for Two-Factor Authentication
A sophisticated Google Docs and Drive phishing email has been reported by Symantec, as it appears to be very convincing - an email with the subject line “Documents,” with a link in the body to a Google login page. The document claims to be a confidential Google document.
The phishing attackers have easily exploited a lot of Google Drive features by uploading a document to a folder in a Drive account, setting it to public, then using the preview feature to allow the public to view the file.
It seems simple enough, but they went even further to ensure the login page looks legit, as it’s served over an SSL. But after a user enters and submits their Google credentials, the data is sent to a PHP script on a compromised web server, according to Symantec. After, the page redirects the victim to an actual Google Drive document.
Why would an attacker want your Google credentials? They could be after personal information, including any banking logins, and they can use Google accounts to access Google Play to purchase apps and content. Symantec states that their customers are protected against these type of attacks, but doesn’t specify how exactly.
A Google Product Forums post from a user that fell for one of the phishing emails states that several of their contacts had received phishing emails from their account, even though the user changed their password right away. Google has released a statement to say they've deleted the phishing document and account, as well as advising to change your password, but there's a different way you can protect against any future phishing attacks.
Protect Your Google Accounts with 2FA
You can actually protect your personal Gmail and other Google accounts with our two-factor authentication by using the Duo Mobile App to generate passcodes for your account.
Follow the screen prompts, including entering your phone number, and entering the passcode Google sends you. After that, choose the app verification for your phone type to receive a barcode. Open your Duo Mobile App on your phone, tap the + key to add a new account, and then scan the barcode. It should be added to your account list immediately. Then tap the key icon to get the code and enter it into the screen prompt to complete the process.
Duo Security’s two-factor offers both enterprise and personal account protection, supporting a ton of third-party accounts with our app, including Google, Dropbox and Amazon Web Services (AWS). Check out our guide to setting up Duo’s two-factor with Third-Party Accounts.