Last week, Google account users were hit with a sneaky phishing scam, sending thousands of unsolicited emails and taking the company off their guard. And now Google has announced it’s gone through the necessary steps to make sure there won’t be any future scams.
The emails were disguised as invitations to Google Docs by a person in the user’s contact list, making it seem as though the link was legitimate. But, unfortunately, those who clicked on the invitation were sent to a malicious URL that stole access to their account and sent the same email to users in their contact list, allowing the scam to replicate until there was a complete takeover.
In a blog post on Friday, Google stated that it had shut down the scheme within an hour using a “combination of automatic and manual actions” that required removing fake pages and pushing user-protection updates through the various Google user platforms. Their machine-learning system also stepped in to help detect spam emails with 99.9 percent accuracy.
Google is also going to enforce applications that use its OAuth, which is the code that allows you to pull account-specific, authenticated data (like the email addresses in your account) for use in the app.
“We’re taking multiple steps to combat this type of attack in the future, including updating our policies and enforcement on OAuth applications, updating our anti-spam systems to help prevent campaigns like this one, and augmenting monitoring of suspicious third-party apps that request information from our users,” writes Mark Risher, Director of Counter Abuse Technology for Google.
Less than .1 percent of users were actually affected by the attack, which says something about Google’s security capabilities. But, any attack of this caliber warrants some kind of preparedness on the user-level. So, the company suggests users take the proper steps. One way is reviewing a list of devices that have access to a user’s account. Users can do this by taking the Google Security Checkup.
Google hopes this will reduce the already slim likelihood that another attack will gain access to user accounts, but you can never be too cautious.