Google Outlines Phishing Attack Campaigns, Steps Being Taken to Prevent Future Problems
When Gmail users received a phishing email impersonating Google Docs, they clicked a link in the email that led them to the attacker's application requesting access to their accounts, said Mark Risher, Google director-counter-abuse technology, in a Friday blog post about the spoofing campaign last week. "If the user authorized access to the application (through a mechanism called OAuth), it used the user's contact list to send the same message to more people." Google said it stopped the attack within an hour of detecting it Thursday, and fewer than 0.1 percent of users were affected (see 1705040025). Risher said Google protects users from such attacks via machine learning technology that can detect spam and phishing messages with 99.9 percent accuracy; "safe browsing" warnings that alert users to dangerous links within Gmail and across more than 2 billion browsers; prevention of suspicious account sign-ins; and email attachment scans for malware. The company, he said, is updating policies and enforcement of OAuth apps and anti-spam systems and expanding monitoring of "suspicious" third-party apps that seek information from users.