Several users of Google Docs, the popular online word processor that lets users create documents and collaborate on them with friends, family and colleagues, have been reporting receiving queer invitations to collaborate on documents from familiar accounts.
It turns out that the emails these users were receiving weren’t really from the “familiar” accounts they posed to be from. They were from malicious schemers out to access, illegally, user details like emails, contacts and what have you when the link with the “invitation to collaborate” is clicked. There is a detailed breakdown of how this went down for one user on Reddit. This, in the tech world, is what is known as phishing – when one is tricked into sharing personal information or login credentials through what appears to be or poses as a something real or legitimate.
The Wikipedia definition of phishing, which is what you get instantly when you do a Google search, is more straightforward: Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. According to Google, “phishing attack happens when someone tries to trick you into sharing personal information online.”
Why phishing? Because like in fishing where a fish falls for a fisherman’s bait and ends up on a dinner plate not long after, people get baited by internet scammers.
Enough with the education.
So, yes, that happened and Google moved in swiftly to make amends. Things are ok now. However, it’s better to be proactive rather than reactive. Which is why Google did not stop at stopping the spread of the phishing attack and advising users who may have fallen for the dirty trick on what to do. It went ahead and updated the Gmail app on Android.
When users click what appears to be a suspicious link in their email on the Gmail app on Android, they will be warned and prevented from accessing the suspicious link straightaway. They will, however, be presented with two options: to proceed to the site flagged as unsafe or to report to Google that the site is not malicious. This is part of Google’s Safe Browsing program.
The feature is rolling out gradually but should have reached all users in 3 days’ time.
According to data released by Google at the start of last year, there are over 1 billion monthly active users of Gmail. Gmail comes pre-installed on nearly all Android devices sold on the planet and that app is the primary means of accessing email for many users.