Google Now Protects You From Phishing Attacks

FOLLOWING a widespread phishing attack that allowed hackers to access all of the data linked with your Google Account – including your Gmail email address, contacts and online documents – Google has pushed out anti-phishing security. Google has pushed-out an update that will protect users against phishing attacks

Google has beefed-up Gmail’s ability to spot phishing attacks.

The new update comes hours after a widespread phishing attack allowed hackers to access all of the data linked with your Google Account – including your Gmail email address, contacts and online documents – with a fraudulent Google Doc link.It’s unclear whether the enhanced anti-phishing security checks rolled-out to Gmail are because of the phishing attack, or simply by coincidence.

“Warning – phishing (web forgery) suspected,” the pop-up cautions users.

“The site you are trying to visit has been identified as a forgery, intended to trick you into disclosing financial, personal or other sensitive information.”

The new Gmail feature appears to be part of the US search firm’s Safe Browsing database, which catalogs webpages known to host malware or fool surfers into revealing sensitive information.

Gmail has been updated to spot phishing attacks within emails

Google announced the new security feature on its official blog.It wrote: “While not all affected email will necessarily be dangerous, we encourage you to be extra careful about clicking on links in messages that you’re not sure about. And with this update, you’ll have another tool to make these kinds of decisions.”Unfortunately, the new security measures are currently only available on Gmail for Android.So – web users should still be on the look-out for suspicious URLs within emails.Earlier today, Alphabet Inc – the parent company behind Google, Waymo, and more – warned users about the terrifying phishing attack that hit Google users.The hack is disguised as an email from one of your contacts – or Google itself – telling you that somebody wants to share an important Google Doc.

One example of the fraudulent Google Doc links being sent to Gmail users worldwide

Gmail users will be aware that this type of notification is pretty common – and likely wouldn’t raise an eyebrow.However, those who click the link to view the document will inadvertently provide cybercriminals access to the contents of their Google accounts, including email, contacts and online documents, according to security experts who reviewed the scheme.According to some reports, these fake Google Doc links will take users to a genuine Google page to select an account.After that, users will be taken to a new webpage asking permission to allow “Google Docs” to access the account.

Google Docs falls victim to major hack

Clicking the “Allow” button will enable the attacker access your account – and will more than likely allow the cybercriminals to share the fraudulent Google Doc link with your contacts.”We are investigating a phishing email that appears as Google Docs,” Alphabet Inc tweeted from its Google Docs.”We encourage you to not click through and report as phishing within Gmail.””This is a very serious situation for anybody who is infected because the victims have their accounts controlled by a malicious party,” said Justin Cappos, a cyber security professor at NYU Tandon School of Engineering.

Cappos said he received seven of those malicious emails in three hours on Wednesday, an indication that the hackers were using an automated system to perpetuate the attacks.He said he did not know the objective, but noted that compromised accounts could be used to reset passwords for online banking accounts or provide access to sensitive financial and personal data.Google did not respond for requests to comment beyond its Tweet and other security experts said that victims should remove the hackers from their accounts as soon as possible.”The point of the attack isn’t clear yet, but it could be a pre-cursor to some larger attack they’re planning,” said Matthew Gardiner, a security expert with email security firm Mimecast.Here’s how to check whether you were hit by the phishing scam, and change your Google Account password.