Hackers are targeting Google Docs users in attacks that send malicious links through the comment feature.
A new report by email security firm Avanan outlines how cybercriminals are exploiting Google Docs.
In December 2021, Avanan noticed a 'new, massive wave' of hackers utilising the comment feature and mainly targeting Outlook users.
Cybercriminals are weaponising the comment feature in Google Docs in a ploy to get users to click on malicious links.
Users are sent an email when others make comments on documents in Google's free word processor.
In the attacks, scammers will target users by tagging them in a Google Doc comment and adding a malicious link in the comment.
Victims will then receive an email alert about the comment that shows only a name - not an email address - which makes the scam 'ripe' for impersonators.
When clicked, the link will prompt a malware infection.
Avanan said this email attack is useful for two fundamental reasons.
Firstly, it uses a legitimate Google email notification that's trusted by users.
Secondly, the email uses a hacker's made up display name and not their email address, which is harder for anti-spam filters to judge.
It means criminals can impersonate someone you know and trust in Google Doc comments.
Plus, it's a shortcut to get to potential victims. Tagging someone in comments will send an email notification right to victims' inboxes.
Avanan said they alerted Google to the problem on January 3.
How to protect yourself from the scam
Avanan shared several tips for Google Docs users on their report.
- Before clicking on a link on Google Docs comments, cross-reference the email address in the comment to make sure it's legitimate.
- Use 'standard cyber hygiene', including scrutinising links and inspecting grammar.
- If you're unsure, reach out to the actual sender to confirm they meant to send that document.
- Make use of protection that secures the entire suite, including file-sharing and collaboration apps.
