Not long ago, a new computer virus appeared and attacked users around the World. Not WannaCry (extortion virus) but a type of malicious code, spreading through Google Docs and making Google itself helpless , watching its brand be taken advantage of as an effective tool, aiding the bad guys.
It's impossible to pinpoint, but the virus was called by the method it used to attack the victim, the Google Docs virus. Specifically, when it has penetrated into any computer, it will automatically compose an email and send it to friends and acquaintances in the victim's list with the content it wants to share with you a document file. there. The trick may not seem too new, but the thing is that this virus will ask you to log in to your Google account, then the familiar Google OAuth authentication website will appear with a request for a password. access and force the user to agree to continue.
Real and fake email illustrations
This virus is considered dangerous and sophisticated not only in that it comes from the address of someone you know. But also because it can accurately use every word of a standard email, even the biggest trap (the Open button ) is perfectly designed and lifelike, making users no matter how observant. also hard to detect.
In addition, as soon as you click the Open button to confirm the file share, the victim will be taken to a website that grants OAuth access (also from Google). The interface, the presentation, the words, the avatar... everything is so perfect it's unbelievable. Make no one doubt.
The only way to detect this is a phishing tool is to left-click on the downward arrow icon in the section Google Docs would like to , because it will now show you some information related to the source of this site, and that could be anything, except Google.
The only way to recognize the virus but almost no one knows and pays attention to this feature
As the images in the article, we can see that it is an email address named [email protected] .
This can be considered a major security flaw of Google, because its applications and software always use the Google OAuth authentication page, so it is very easy for bad guys to take advantage of attacks. However, there is an easy way to find out, that the development source of this page always has the extension @google.com .
At the same time, instead of directing the victim to a Google website, the virus will try to direct the victim to a fake website with a similar interface ( googledoc.g-docs.pro ).
Google still can't solve this problem for users
Another problem that Google also needs to consider, is that companies have limited control over the virus attached to Google's infrastructure. Instead of taking control, they will direct the user to an error page and turn off the authentication request from OAuth. Although Google took steps to prevent it, with the short time it took to spread, the Google Docs virus got everything it needed from its victims.
Currently, Google has only announced that they have removed the offending accounts and fake websites, without mentioning the prevention or remedy for the victims, the only way that users still have to rely on, is to be vigilant. and do some simple methods below:
Until Google or security companies find a way to completely fix this problem, you should be careful what you suspect and try to be careful with every click of your mouse.
Montreal, a city brimming with culture, history, and Poutine (a famous Canadian dish), deserves an internet connection that can keep up. Whether you’re a streamer glued to Twitch, a workaholic juggling video conferences, or a casual web surfer, a reliable and fast internet plan is essential.
What is ChatGPT? Why is it creating a global fever? In recent days, the ChatGPT chatbox is creating a global craze. Not only that ChatGPT is creating
Google Drive for desktop will be discontinued in March 2018, Google has officially announced that it will stop supporting Google Drive for desktop and then the company will remove the application.
The latest Adobe Flash Player update contains virtual currency mining malware, researchers from security firm Palo Alto Networks warn users if they download the wrong update
One Ordinary Day - Movie schedule One Ordinary Day, One Ordinary Day (Vietnamese name: One Ordinary Day) is an attractive Korean film about a crime topic.
Simple ways to fix AirDrop not working error, AirDrop not working on iPhone, iPad, Mac what to do? This article will provide you with simple ways
Status for opening the new school year 2023 - 2024, TOP 50 Status for opening the new school year 2023 - 2024 to help you freely choose unique statuses and statuses for yourself!
Top photo editing applications similar to Snap Camera, Snap Camera is a free camera application that helps apply Snapchat filters. In addition to Snap Camera, you can refer to these
Ways to fix file attachment errors on Gmail, Why can't I download files in Gmail? Why can't you attach files to Gmail? Here are the causes and how
Is it safe to use public Wifi?, Public Wifi helps you connect to the Internet for free. However, is it safe to use public wifi? Join WebTech360
TOP best computer screen recording software 2024, Which is the best lightweight, free, high-quality computer screen recording software? Let's find out the top with WebTech360
Tips for using Google Chrome that students need to know, Google Chrome is the most popular web browser today. You probably already know how to use it, however, if
Please upgrade TeamViewer immediately or your computer will be hijacked. Teamviewer has just released an emergency patch that allows hackers to take control of your computer.
Should you use Tor and VPN at the same time? Tor and VPN both provide privacy protection but in different ways. So should privacy and security features be combined?
Signs of a fake Instagram account. Are you wondering whether the Instagram account you are following or contacting is genuine or legitimate? Signs below
Explore BlueStacks X on PC, BlueStacks X allows you to open Android games using cloud computing on your web browser. With BlueStacks X, you are no longer limited
Play Fish Release game online on My Viettel to receive free data packages, voice calls, SMS, Viettel's Online Fish Release program will take place from January 30, 2021 to
Unreal Engine 5: All information about the latest game development technology, Unreal Engine 5 is the latest version of the famous game development tool Unreal Engine of
What is an email address? How to get an email address?, What is an email address? What is email address entry? This article will answer all your related questions
Every WhatsApp shortcut for your computer you need to know, WhatsApp is one of the most popular free messaging apps today. The keyboard shortcuts below will help
