Google Phishing Scam Aggravates Customers
Rhonda Adams, New York City based entrepreneurA surprise – and very effective – phishing attack caught millions of Google users unaware recently, causing quite a stir online. The scam used a convincing Google Docs email to entice users to “share” their accounts with the person on the other side. That’s standard operating procedure for using Google Docs, but this time the person on the other side was an as yet undetermined hacker group.Google claims to have stopped the attack “within the hour” by taking steps including the removal of fake pages and applications. Google also claims that “while contact information was accessed and used by the campaign,” “no other data was exposed.”So, the company was able to catch and stop the hack before it got rolling, but that doesn’t keep internet users from being a bit jumpy. This was, by far, one of the most sophisticated phishing attempts in recent memory, because it looked so authentic. Even users who are on Google Docs every day had no red flags.Google claimed users really didn’t need to take any more action – other than not opening suspicious Google Docs emails – but if they wanted to take extra steps, they could visit Google Security Checkup.From a public relations perspective, this hack was both good and bad for Google. On the bad side, it showed how easy it could be for bad actors to trick users into giving up their information. However, on the good side, little was done to harm anyone. This is in contrast to many other well-publicized hacking attacks in recent years, the poster child being the Yahoo hack that affected “one billion” users.That said, one of the biggest issues is how close this call really was. Users who opened the email and followed the instructions accidentally gave hackers access to their email accounts, and the malware involved in the hack then sent the same email to everyone on that contact list. That’s how easy something like this could grow exponentially.Given how connected billions of users are these days through social media and constant online activity, a malware attack like this could trigger massive hacking issues with just a relative few positive responses to the phishing attack. As for this attack, Google says, because they were able to stop it in time, the attack only affected about one million users. But, again, it could have been much worse.There’s a PR opportunity here if the tech companies want to take it on. Communicate positively to customers, not just talking about the dangers, but giving them ways to protect themselves, is a slam dunk PR opportunity for a company savvy enough – and prepared enough – to take advantage of the open door.