01.07.2022

Attackers using Google Docs Comment field for Phishing Attacks

MCNC Admin Avatar
By MCNC Admin
Alert
  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 1/7/2022

Action Level - Informational

Description

Attackers are once again using the Google Docs comment function to send phishing emails and malicious links to users. This attack vector is appealing because the attacker can create a Gmail account and set their name to whatever they desire, permitting targeted attacks. Further, the email will come from
comments-noreply[@]docs[.]google[.]com, preventing educated users from verifying the email came from a trusted sender. 

Take this time to remind users to avoid clicking links or opening attachments in emails unless they are from a trusted and verified sender. Users can verify a sender by calling them or sending a text or IM. If a user can’t determine the origination of an email, or the email contains something related to a task they aren’t involved in or otherwise shouldn’t have permission to access, they should default to reporting it as spam.

<-- Return to Cybersecurity Alerts...

MCNC Admin
MCNC Admin
MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Uslinkedintwitterfacebookyoutube
© 2022 MCNC