Google adds a warning banner to Google Docs, Slides, Drawings, and Sheets when you open malicious files and links from the web.
According to the company, this banner will appear when dodgy files are accessed from within Google Drive and from suspicious links within separate Sheets, Docs, Slides, and Drawing files.
The feature will be rolled out on Apr. 29 to help protect users in a wider range of situations.
Google to Adds Warning Feature for Malicious Files
On Jan. 20, Google announced that the warning banner was already added in Google services such as Docs, Slides, Sheets, and Drawing. However, the search giant told The Verge that it was a typo.
The warning banners appear to be an attempt to combat phishing scams that use Google's office productivity software to create a veneer of authenticity around dodgy links and phishing attempts.
In 2020, Wired reported on a wave of scams that were using Google's various sharing and collaboration features to send their malicious links and files to a lot of victims.
Clicking a link in one of these malicious documents sends a user to a site filled with dodgy ads or a typical phishing site asking them to enter bank or other account details.
Google's announcement says that the new warning banner is rolling out to businesses, accounts, and personnel alike, according to ZDNet.
Scam Using Google Docs
Scammers have found a way to use Google Drive to find victims, according to Wired. The flaw in the Drive is being exploited to send out what seems to look like legitimate emails and push notifications from Google.
However, if an unsuspecting victim opens the email, it could land them on malicious websites. The scam itself is nothing new because messages asking people to click on dodgy links have been going on for years, but it still catches a lot of people off guard.
The smartest part of the scam is that the emails and notifications it creates come directly from Google. On mobile, the scam uses the collaboration feature in Google Drive to create a push notification inviting people to collaborate on a document.
If tapped, the notification will take you straight to a document that contains a very large link. An email notification created by the scam, which also comes from Google, also has a malicious link.
Unlike regular spam, which Gmail does a great job in filtering out, this message makes it into the inbox, but it also gets an added layer of legitimacy by coming from Google itself.
The success of email spam filters has left scammers looking for new ways to get victims to click on the malicious links.
Scammers often use Google Drive because it is accommodating. Drive wants you to know when someone has mentioned you on a Google document.
In a work setting, this could be a colleague asking you to review a presentation or check on an ongoing project. However, it is a clever way for scammers to put a malicious link in front of a potential victim.
In January, Google accidentally approved a Target gift card scam that a Redditor pointed out.
Related Article: Google's Phishing Quiz Wants To Teach You How To Avoid Phishing Scams
This article is owned by Tech Times
Written by Sophie Webster