KEY POINTS
- Phishing is a common method used to deploy malicious software on a victims machine.
- Verizon’s 2020 Data Breach Investigation Report identified that 22% of data breaches involved phishing attacks.
- A study by FAU researchers discovered that 78% of those surveyed were aware of the risk associated with clicking on links in emails from unknown senders, yet did so anyway.
This Ask the Experts session stems from a question originally posted on Quora regarding “can you get hacked through Google Drive?”
Just when you thought you were finally safe online; scammers and hackers have devised yet another ingenious plan to get you to fall victim to a variety of cyber attacks and scams. This time, the bad guys are relying on a platform that many of us use on a daily basis, Google Drive. By leveraging Google Drive, the malicious actors have yet another tool which they can use to lure us to malicious websites. These websites can then be used for phishing attacks, and to distribute malware. Let us take a look at how this attack is initiated, why it is particularly effective, and how to defend against it.
How Is the Attack Initiated?
Similarly, to a traditional phishing email, a victim will receive a Google Drive Notification and email asking them to collaborate on a document with the malicious individual. Upon clicking the link in the notification or email, the victim is then directed to a Google Drive document. This document will contain a link to a malicious website. If the victim clicks on the link embedded in the document, the victim will then be redirected to the malicious site which may be used for phishing purposes, to distribute malware to site visitors, or to flood your browser with ads and notifications which if clicked, will generate the scammer ad revenue.
Why Is This Attack so Effective?
While utilizing Google Drive to kick off a phishing campaign or other malicious act may not be the most elegant/stylish plan of attack, it is effective. You see, emails are routinely scanned for spam and other indicators of criminal activity. security awareness training programs focus on identifying red flags in emails sent from unknown accounts. The Google Drive method avoids both of these safeguards. When a Google Drive document is weaponized, instead of a victim receiving a shady email from a sketchy email address, the victim ends up receiving a Google Drive notification and a legitimate email from a valid Gmail account, “drive-shares-noreply@google.com”.
How Can I Protect Myself from This Attack?
Since this attack relies heavily on social engineering, the defensive measures used to protect yourself from falling victim to phishing or other malicious exploits via Google Drive are similar to the ones used to defend against traditional phishing emails:
- Always think before you click – Were you expecting a collaboration request? Do you know the sender? Are the links to a legitimate and reputable website? If the answer was no to any of those questions, you have a right to be suspicious.
- Make sure that your security programs are up to date – An up to date block list or virus definition can do wonders for you when it comes to phishing attempts. Especially if the bad guy or gal is trying to get you to download a malicious file that has already been flagged by the security community.
- Update your credentials if you accidentally clicked a link – Better to proceed with caution than to have your bank account emptied out or sensitive emails disclosed to the public.
- Routinely back up your data – In the event that you clicked on a malicious link, a malware managed to get installed on your system, at least you can restore your files from a backup.
*These tips are primarily geared towards US based readers, but can be used by anyone:
- Forward the Google Drive email to the Anti-Phishing Working Group at reportphishing@apwg.org
- Report the phishing attack to the FTC at ftc.gov/complaint
At the end of the day, Google Drive can be used by scammers and hackers alike to wage a campaign of terror. Luckily for us, we can defend against such threats by being skeptical, closely investigating emails and notifications received by unknown senders, maintaining backups of our files, and maintaining/updating our security programs.
Have any questions regarding additional safeguards that you can take to protect yourself from hacking via Google Drive? Contact us and we will be glad continue the dialog! Do not forget to click here to subscribe to our weekly newsletter for more information security related tips and tricks.
Additional Resources