2/28/2023 0 Comments G docs google![]() with G Suite, making it easy to create and add diagrams to your documents in an instant. The Netskope Security Cloud platform provides our customers protection against attacks like these launched from cloud apps. Need to create a flowchart or Venn diagram in Google Docs. We expect spam like this to continue in the near to medium term, and for it to take on election, coronavirus, and holiday themes through the coming months. We urge users to be extra careful in clicking on links in any cloud app, even if it is a cloud app that you commonly use. In this example, spammers succeeded in using comments in Google Slides to deliver spam messages that bypass common filters. Search the worlds information, including webpages, images, videos and more. ConclusionsĬybercriminals are always looking for new ways to abuse cloud apps. ![]() The documents involved in this spam campaign were reported to Google on October 29, 2020, and promptly taken down. Figure 3: Types of malicious links in Google Drive Disclosure The most common types of attacks linked victims to phishing pages (14%) or malware delivery points (76%). Over the past year, 2% of those links were spam, like in this example. The following figure breaks down types of attacks cybercriminals launched using Google Drive, where the goal was to get users to click on a malicious link. In total, 17% of malicious websites we block our users from visiting come from links in cloud apps. Over the past year, we have detected and blocked a variety of attacks launched by cybercriminals leveraging a variety of cloud apps, including Google Drive. One reason for their popularity is the fact that attacks launched from cloud apps can often subvert enterprise security controls, such as email or URL filtering. ![]() ContextĬloud apps are a popular vehicle for the distribution of malicious content. The motive was to entice recipients to sign up for a premium adult website. This particular spam message was targeted generally at personal accounts and not any specific enterprises or demographics. The document itself is a Google Slides presentation with a single slide containing a hyperlink that redirects the user to an adult website: Figure 2: Spam Slides presentation In this example, the comment masquerades as a postal notification: Figure 1: Spam comment In this Google Slides example, the sender appears as “Message Service (Google Slides).” “Message Service” is the name chosen by the spammer to make this appear official and “(Google Slides)” is appended by Google to all Google Slides comments. The email is sent by, an address used for comments added to any files hosted in Google Drive. The spam is delivered in the form of a comment on a Google Docs document or Google Slides presentation. In fact, may be explicitly allowed by your spam filters. ![]() Because the messages are sent by Google Docs, it is likely that your spam filters do not detect and block these messages. Both the comment and the document link the user to a spam or scam website. The spam messages come in the form of a comment on a document or presentations and are sent by. Netskope Threat Labs is warning users to be careful of spam messages being shared via Google Docs. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |