Phishing scams, whereby cybercriminals masquerade as trustworthy entities to fool victims into disclosing private information, have had a recent surge in popularity. This is largely because hackers realize the best way to infiltrate a system is by exploiting people’s trust. Although these attacks bypass network security systems, there are some tools you can use to defend against them. One is Google’s new anti-phishing feature for Gmail apps on Android devices.
Phishing warnings
The new Gmail app feature uses Google’s Safe Browsing technology to examine billions of URL links per day and identify websites impersonating legitimate ones, like an online store, bank, or social media. It will then check whether these websites are embedded with malware or have elements of a phishing attack (e.g., asking for login credentials, private information, etc.).
If it has reasonable evidence to think that the website is indeed malicious, Gmail will display a warning prompt: “The site you are trying to visit has been identified as a forgery, intended to trick you into disclosing financial, personal, or other sensitive information.”
Keep in mind that Gmail may come up with false positives, and for this reason, Google does not completely block access to using a link but advises that you take extra caution if you choose to proceed.
The tech giant also reported this update is available only for Android users and will eventually reach other devices; so if you have an iOS, be extremely careful when interacting with any links in your Gmail accounts.
Safety for Gmail and Google Docs
In other news, a widespread phishing attack affected thousands of Gmail and Google Doc users earlier this month. The attack uses a spoofed email from a known contact attempting to share a ‘document.’ If opened, the fraudulent link redirects victims into an innocent-looking Google page that asks for account permissions. If users grant access, a worm collects your contact list and proceeds to attack other users. Fortunately, Google quickly responded to the scam, removed the fake pages, and updated anti-phishing detection to account for similar threats.
Security training
While Safe Browsing features are extremely helpful for Android Gmail users, they shouldn’t be a total substitute for good security awareness. Remember, phishing exploits human trust, so make sure to train your employees to have a healthy skepticism of every unsolicited link or file and download security updates whenever possible.
For more information and advice on security training or Android-related news, give us a call today. We’ll make sure your business is completely up to date with shifting mobile security trends and issues