Google Phishing Campaign

 

What Happened?

A large-scale phishing campaign was discovered yesterday, May 3rd. The objective of the attacker was to gain access to the victim’s Google account. The messages appeared to come from addresses known to the recipient.

What Is the Risk?

Within an hour, Google disabled the accounts associated with this attack. The phishing websites associated with the attack have been taken offline. For those users who clicked the link, logged into their Google account, and granted account permissions, personal contact information was exposed to attackers.

While the exposure of personal emails and files was possible, analysis from Google indicates that this did not occur.

What Can I Do?

While notable for the scale, email scams such as this are extremely common. Thankfully, a few small actions can help keep you safe.

Click Wisely: Only open files or click links in messages that you were expecting and that come from people you trust.

Report Phishing: If you receive a suspicious email, forward it to phishing@harvard.edu. This helps us protect you, and everyone at Harvard.

Go to the Source: If an account alert seems odd but you’re still curious to find out more, close the email and visit the official website directly. For unexpected or out-of-character messages sent from people you know, contact the sender outside of email to confirm that the message is authentic before clicking or opening anything.

Review your Google Security Settings: Google has made it easy to review your account security settings at https://myaccount.google.com/secureaccount. Here, you can confirm your two-step verification settings and review the third-party account access that you have granted.

Further Reading:

Official Statement from Google: https://twitter.com/googledocs

 
