Google Docs can provide your organization with excellent tools to promote real-time collaboration among team members at different locations. However, this cloud-based service can also be used by criminals to breach company’s security protocols.
As is often the case, the line of attack occurs when a seemingly innocent email is sent to a potential victim. The message, meant to entice the staff member with a subject of interest, directs them to a document on a Google Docs page. Although the page appears to be designed to share information outside the company, it is, in reality, a custom-designed phishing website. When the victim clicks on the document, they are requested to sign in to Google Docs.
Once they do, their user name and password are captured by the website. As a result, your organization is rendered vulnerable to data sabotage and theft. Equally disturbing, the hacker is difficult to trace because they use the trusted Google Docs platform to host their attacks.
In recent years, businesses of all sizes have increasingly entrusted their data and work activities to cloud-based services such as Google Docs. While this strategy allows for convenience and ongoing access to the latest software updates, the need for constant vigilance in information security has never been more pressing. Now more than ever, organizations should place continuous emphasis on state-of-the-art email and network security tools and solid awareness training for staff members at all levels.