Skip to main content

Ransomware attacks have been in the headlines a lot of late. Did you know that 65% of all ransomware attacks happen through phishing emails? Therefore, email security needs to be a major focus when delivering security awareness training. It is likely that future variants of the recent WannaCry ransomware attack will be delivered via phishing emails.

As reported earlier this month, some Gmail users fell victim to a massive phishing attack that frightened many… a phishing attack that targets all your contacts. Now let us look at how gmail users were susceptible to the phishing attack.

THE PHISHING EMAIL

Gmail users received an email (from a known sender) that was an invitation to view a shared Google Doc. After clicking the link in the invitation email, users were directed to a legitimate “Google – Choose An Account” screen, after which they were prompted to authorize Google Doc to access their Gmail account.

Simply click “Allow”…  With no login prompt…

Sound suspicious yet?

THE HACK

At this point, it was not Google Docs requesting access – but actually a malicious app.  As Reddit carefully detailed, this hack would actually:

  1. Bypass any 2-factor authentication controls
  2. Scour your Gmail contacts list, and replicate itself by sending emails (on your behalf) to everyone you’ve ever emailed
  3. At this point, it would also have access to your Gmail account, including the ability to read previous messages

THE PROTECTION

SonicWall™ Email Security now integrates with the Capture Advance Threat Protection service, to deliver fine-grained and user-transparent inspection of SMTP-based traffic. The cloud-based Capture ATP service can scan a broad range of email attachment types, analyze them in a multi-engine sandbox, and block dangerous files or emails before they reach your network. SonicWall Email Security with Capture ATP gives you a highly effective and responsive defense against email-borne threats, including ransomware, phishing, spoofing, spam and viruses.

WHAT ELSE YOU CAN DO

To avoid phishing scams, below is a refresher on what you can do to not fall prey:

  • Don’t click on URLs in emails without checking its full path and understanding where it is leading to.
  • Don’t download any plug-ins from the email link itself. Go to the vendor’s (Adobe, Microsoft etc.,) website to download plug-ins
  • User 2-factor authentication, wherever possible

Finally, if you were a victim of this attack, following are a few steps you can take to resolve the situation.

  • Go into your Google Account Permissions page and remove access privileges for the Google Docs account
  • Google also encourages users to report phishing emails in Gmail

Lastly, test your knowledge on all-things-Phishing related by taking the SonicWall Phishing IQ Test… and avoid being scared of emails!

Download Solutions Brief: What your next-gen email security needs to stop advanced threats.