This fake Google app is really a phishing scam

Security

If employee training and education isn’t an integral part of your cybersecurity strategy, a recent scam might force you to reconsider. Instead of relying on complicated programming code to steal and destroy data, hackers are increasingly relying on human errors to get the job done. Even well-trained users are falling for the most recent ploy, take a look.

Broadly defined, “phishing” is any form of fraud in which an attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels.

These messages prey on users who click links, images and buttons without thoroughly investigating where they lead to. Sometimes the scam is as simple as an image with a government emblem on it that links to a website containing malware. Just hovering your mouse over the image would be enough to see through it. But some phishing schemes are far more difficult to recognize.

The Google Defender scam

Recently, an email spread to millions of Gmail accounts that almost perfectly imitated a message from Google. The text read:

“Our security system detected several unexpected sign-in attempts on your account. To improve your account safety use our new official application “Google Defender”.

Below that was a button to “Install Google Defender”. What made this scheme so hard to detect is that the button actually links to a totally legitimate site…within Google’s own framework. When third-party app developers create Gmail integrations, Google directs users to an in-house security page that essentially says, “By clicking this you are giving Google Defender access to your entire inbox. Are you sure you want to do this?”

Even to wary users, the original message looks like it came from Google. And the link took them to a legitimate Google security page — anyone could have fallen for it. The Gmail team immediately began assuring users that they were aware of the scam and working on eradicating it and any potential copycats.

There’s no happy ending to this story. Although vendors and cybersecurity experts were able to respond to the crisis on the same day it was released, millions of accounts were still affected. The best way to prepare your business is with thorough employee training and disaster recovery plans that are prepared to respond to a breach. To find out how we can protect your business, call today.

Published with permission from TechAdvisory.org.

Previous Blogs

Benefits of a Privately Hosted Exchange Server

Benefits of a Privately Hosted Exchange Server

When clients decide that it’s time to retire their aging, on-premise Exchange servers, questions often come up on where to go with their next Exchange server.  With few exceptions, the answer is the cloud due to uptime requirements for email flow and minimal cost...

read more
Data Center Upgrade and Move Announcement

Data Center Upgrade and Move Announcement

Russell Technologies has exciting news to share. We are upgrading and moving our primary data center in St. Louis, moving it from 210 N Tucker to 710 N Tucker. After almost 6 years in 210 N Tucker, this was not a decision that we made easily, but the move gives us...

read more
Security policies for your business

Security policies for your business

Businesses rarely address cybersecurity in their company policies. With cybercrimes becoming more prevalent, it’s important you inform staff about the threats they could be exposed to. Make sure your business and employees are safe with these security policies. Internet In today’s business world, employees spend a lot of time on the internet. To ensure they’re […]

read more