When Something Smells 'Phishy'

May 15, 2017 By Caitlin L, Young Editor
iridescent's picture

With the amount of technology in the world today, the internet is becoming more and more a part of our daily lives.

Sometimes the benefits of a connected society also comes with drawbacks. More usage gives rise to problems such as falling for hacks and scams. Just recently, around one million Google Docs users were affected by a phishing scam.

But what exactly is phishing? Phishing is a term used to describe the practice of sending emails to various users in order to obtain their personal information, such as date of birth, passwords, or even credit card numbers. These emails will seem to come from credible companies, complete with fake logos or official-looking graphics, causing users to do whatever the email requires of them.

What Happened With Google?

On May 3rd, emails were sent to Google Docs users, also addressed to hhhhhhhhhhhhhhhh@mailinator[.]com. The message was disguised as a Google Docs shared document notification, with the subject line as so and so “has shared a document with you”.

Because of how authentic it looked, many users clicked to open the document, along with  the agree button that allowed hackers to access the contact information and email of the user. The hackers would then use that information to send more phishing emails to the user’s contacts, and continue that process.

Google claims that they were able to take control and fix this problem within an hour. Mailinator, which hosts the scam email domain, also claims to have no involvement in this incident. So far, no other information other than a user’s contacts were known to be stolen. No one is sure who caused the problem.

Signs of Phishing

Phishing emails usually contain links in the body of the email. These links could be similar to well-known sites, with one letter substituted for another letter or number, leading you to a bugged site. In addition, other typical red flags that weren’t a part of the Google Docs phishing incident include bad spelling, grammatical errors in the message, and threats.

With this in mind, it’s all the more important to always think about internet safety. Discard emails from unknown users. Be careful what you put online. Don’t sign in into any domains that you don’t know. And most of all, pay attention to the terms and conditions that come with clicking “accept”.