By: Dubem M.
On Wednesday May 3rd 2017, many Google users received an email from a contact, which said that the contact had just shared a document with them on Google Docs (Google Drive’s predecessor). The email, that seemed authentic enough, was all but it. When the user clicks on the link to Google Docs, they will be prompted to allow access to an app that looks like Google Docs. This same method of disguising malware, as known and trusted websites is an issue that still stands today (as we saw recently). Websites, like Facebook and Google, have had a hard time fighting virus’ of this kind because access to accounts were given by the account managers essentially giving the virus free reign of the entire account if the user allows it.
It was the product of a group of hackers that had used Google’s own features and services as a way to transport their virus and steal thousands of user’s information while also sending that same phishing email out to all of their contacts. Most of the users affected took to Twitter warning others and complaining about the event that just occurred. Due to all of the evidence, it became blatantly clear that all email had been directed through one email address: firstname.lastname@example.org. The virus was so prevalent and efficient because of the fact that people are more likely to open emails from people that they know, so once one person had been hacked, then all of their friends and family were most likely to be also hacked by the virus.
Google, the powerhouse that it is, quickly and efficiently went to work. Thirty minutes after the hack had begun, Google had isolated it, was notifying clients, and had dropped an official statement. In addition to that, Google set up a site for those who had been affected where they could find aid and show steps to revoking “Google Docs” and forestalling attacks from the same address.
How can we protect ourselves? The issue is easily solved though it is a little tedious. Everyone knows that when something that looks like “Terms and Conditions” comes up that nobody reads it and we just accept. At this point, it is almost expected that nobody reads the terms and conditions and that is what the hackers were banking on. Google, unlike other apps, social medias, and websites, has a generally small Term and Condition popup once the person has signed up for the first time. It clearly lists what the software is going to do and it isn’t hard to see what each app or software wants to do and is requesting power to do. The virus’ intent was nearly explicitly written on the terms and conditions. It requested access to manage one’s contacts, for example, and this is where the user needs to take initiative. If you know that an app like Google Docs doesn’t need access to manage your contacts, then you need to assume that something is wrong and proceed with caution. Google cannot help you with that.