Phishing attack links passing through Google’s security filters.

In a recent article published by ArmorBlox, they revealed some of the phishing sites hosted on Google services like Google Docs, Google Sites, Google Forms, etc. and because they are hosted on Google’s domain they are getting passed through security filters. These types of phishing attacks look very genuine. You should always take security measures to prevent yourself from a phishing attack.

In this article, we will summarize the article by ArmorBlox and present you for quick understanding, and also we will tell you some security measures for phishing attack prevention that you have to keep in mind.

What is phishing attack?

A phishing attack means when a hacker sends you a URL of a website that looks like the original website but is actually just a dummy of the original website. This attack is used to gain your username and password.

For example, your friend/stranger sent you a URL (Link of the website) and told you to use this to change the look of your Facebook/Twitter, etc., or to find out who checked your social media profile. When you will open the link you will see a page that looks exactly like Facebook, Twitter, or any social media website he claimed about. Now you will enter your details thinking it’s a genuine website but as soon as you will enter your details, nothing will happen except for one thing. Your email/username and password will be sent to the owner of the phishing page.

Once I read somewhere, the most vulnerable thing to a perfect website is the user. It doesn’t matter how secure a website is, the weakest part is the user. As it is easy to fool people than to fool a machine. You can easily manipulate a user to make them share their private information such as Username, Passwords.

As a Software developer myself, we don’t trust user input. If we will take some kind of input from users through a Login form, Registration form, etc. we will take multiple security measures to sanitize user input. So you must take phishing attack prevention in your mind to make yourself even more secure.

But bad people find their way to do miscellaneous things. Here are some of the examples attackers are using to bypass security measures applied by google.

Google Forms Phishing Attack

Some of the attackers are using Google Forms to exploit the recovery information of the users by asking some common security questions. Below is the image for American Express but here in India that could be changed to SBI or any other bank in order to get your Internet Banking details.

Google Phishing form
Source: ArmorBlox

Google Sites Phishing Attack

Google provides a free service to create simple websites using sites.google.com domain but attackers are using this to create fake Google or Microsoft login pages. As the domain starts with sites.google.com it might seem legit to naive users. Below is the example of Microsoft Phishing page but it can be for Google too.

Microsoft phising page
Source: ArmorBlox

Google Docs Phishing Attack

One more free service is known as Google Docs but is acting as a medium to distribute malware. The most common attack is the PaySlip Scam.

payslip scam email.
Source: ArmorBlox

These types of attacks are not limited to Google services only but other companies that provide similar services like Dropbox, Canva, Azure, etc.

Also Read: Why should we mask our IMEI?

How to prevent phishing?

Precautions on preventing yourself from phishing:-

  • Enable 2FA in all your business, personal accounts.
  • Don’t use the same password for your different accounts.
  • Always check for sender’s email, type of language used. If you sense anything unusual, just ignore those kinds of emails and research them first.
  • Always confirm by calling/texting the person (company officials) and confirm if they sent this kind of email.

What to do after phishing attack?

It’s so annoying to get hacked. But don’t worry. I will tell you some of the tips that you can do if someone hacked your account using phishing.

  • First of all, login to your account, change your password and logout from all other device (most websites gives you this feature).
  • If hacker changed your password and you cannot login, just click on forget password.
  • If nothing about works, send a email to official mail address of the website whose account got hacked. They will ask for some verification like government ID etc., then they will unlock your account.

How to check if you got phished?

Follow these steps to check if your Facebook account got phished or not:-

  • Go to Settings>Security and Login> “Where you’re logged in
  • It will show you a list of devices where you are logged in. Click on See all and remove the devices which you don’t own.
  • Change your password and enable 2FA.

Follow these steps to check if your Twitter account got phished or not:-

  • Go to Settings and privacy>Account>Apps and sessions>Sessions.
  • Now it will show you the list of all the devices where you are logged in.
  • Click on Log out all other sessions to logout from all the devices at once.
  • Change your password and enable 2FA.

Some FAQ about phishing attacks:-

  1. What to do if you click on a phishing link in an email?
  2. If you didn’t enter any private details, then you don’t have to worry!
  3. Clicked on phishing link but did not enter details
  4. Then you don’t have to worry about anything.
  5. Can I get hacked by clicking on a malicious link?
  6. No, until you didn’t download or filled any kind of form. I wrote a post on this topic i.e. Can you get a virus from visiting a website

This is it, for now, guys, I hope you learned something new. I will keep sharing a useful information to keep you out of trouble.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.