Gmail For Android Now Adds Phishing Protection Features

Gmail For Android Now Adds Phishing Protection Features

Gmail For Android Now Adds Phishing Protection Features

Why this matters: Phishing attacks are a fact of life on the web, but the Google Doc scam this week was particularly sophisticated.

Here's what you need to know: The invitation will come from one of your existing contacts and may look totally legit at first. Google are working hard and have already managed to shut down some of the phishing pages used by the attackers, but nobody is safe just yet.

They include a button which, if clicked, sends you to a genuine Google sign-in page - but the application asking you for permission to use your account is not the real Google Docs.

It could have been called "Jane" or "Team Spreadsheet" or "Malicious Link". Just as the many dialer apps will warn you about spam callers, Gmail will now alert you to suspicious links embedded in the body text of the email. The requested permissions include reading, sending, deleting and managing your emails and contacts.

Close to a million Google users were victims of a phishing scam on Thursday morning. Google has taken action to protect users, including removing the fake Google Docs pages and disabling the offending accounts. "We encourage users to report phishing emails in Gmail".

Google Docs was targeted by a phishing attack earlier today, which the company claims to address within an hour. Users who might have been affected can do a Google security checkup to review what apps are connected to their accounts.

Anyone who clicked on the Google Doc link should change their password immediately and revoke access to the fraudulent "Google Docs" app in their Google Account settings.

Google said the rollout will be gradual, over the next few days.

Recipients were asked to open a Google Doc.

However, security experts said Tuesday's phishing attack probably wasn't from Fancy Bear, a shadowy group that many experts suspect works for the Russian government. OAuth stands for Open Authentication, and it is the sort of system that pops up for users to agree to terms and services when installing a new app, for example.

Fifty-five percent of respondents said they send or receive at least 11 documents via email every day, and 20 percent said their company either has no policy on how to handle email attachments, or they haven't been made aware of it.

Related news