The Comments feature in Google's word processing application allows hackers to lure users into phishing traps.
Here is one of the new techniques launched at the end of 2021: using the Comments function of Google Docs to conduct phishing operations. The company Avanan published a report describing this practice, which slips quietly through the mesh of Google's safety nets. Concretely, the hacker creates a Google account and generates a Google Docs document. In the comments, he mentions his target by tagging them with an @. Google is thereby fooled and sends a notification email to the target's inbox. The victim is informed that another user has commented on a document and mentioned them. Credulous, the person then clicks on the link in the comment. This leads them into the phishing trap, either by entering credentials on a fake web page or by downloading malware.
A new phenomenon
If it works, it is because the real email address of the comment's author does not appear: only a name is shown, which makes it easy to impersonate one of the target's contacts. The same process is also used with Google's other office tools. Avanan has detected this kind of method via Google Slides and other Google applications. Also according to the company, the perpetrators of the attack seem to favor Outlook users. It also detected over 100 Google accounts being exploited by hackers. For the moment, this emerging phenomenon has generated around 500 notification messages in the mailboxes of around thirty organizations. This is only the beginning, but the innocuous appearance of the message means targets tend to fall into the phishing trap quite easily.
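For mail teams that want to triage these notifications, here is an added example (not taken from Avanan's report or from Google) that flags comment notifications whose commenter name matches a known contact and whose comment text links outside Google. The notifier address, the "(Google Docs)" display-name suffix, the `google.com` allow-list and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

NOTIFIER = "comments-noreply@docs.google.com"  # assumption: notification sender
GOOGLE_DOMAIN = "google.com"                   # assumption: expected link domain
URL_RE = re.compile(r"https?://[^\s<>\"')]+")
SUFFIX_RE = re.compile(r"\s*\(Google [A-Za-z]+\)$")  # assumption: "(Google Docs)" suffix

def off_google(url):
    """True when the link's host is not google.com or one of its subdomains."""
    try:
        host = (urlsplit(url).hostname or "").lower()
    except ValueError:  # malformed URL: treat as suspicious
        return True
    return not (host == GOOGLE_DOMAIN or host.endswith("." + GOOGLE_DOMAIN))

def triage(raw, known_contacts):
    """Return findings for a comment notification, or None for other mail."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    if addr.lower() != NOTIFIER:
        return None
    text = ""
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            data = part.get_payload(decode=True) or b""
            text += data.decode(part.get_content_charset() or "utf-8", "replace")
    name = SUFFIX_RE.sub("", display).strip()
    return {
        "commenter": name,
        # Only a name is shown, so a match with a real contact proves nothing.
        "name_matches_contact": name.lower() in {c.lower() for c in known_contacts},
        "external_links": sorted({u for u in URL_RE.findall(text) if off_google(u)}),
    }

# Constructed sample notification (not a captured message).
SAMPLE = '''From: "Alice Martin (Google Docs)" <comments-noreply@docs.google.com>
To: bob@corp.example
Subject: Alice Martin mentioned you in a comment
Content-Type: text/plain; charset="utf-8"

Alice Martin mentioned you in a comment:
@bob@corp.example please review https://login.files.example/invoice
Open: https://docs.google.com/document/d/CONSTRUCTED_ID/edit
'''

if __name__ == "__main__":
    print(triage(SAMPLE, {"Alice Martin"}))
```

A notification that both matches a contact's name and carries an off-Google link is worth holding for review, since the notification itself gives the recipient no address to verify.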