Google to Tighten OAuth Rules to Block Phishing Attempts After Fake Docs Attack

[Bot]

Content source

http://news.softpedia.com/news/google-to-tighten-oauth-rules-to-block-phishing-attempts-after-fake-docs-attack-515521.shtml

Following last week's widespread phishing attack on Gmail users, Google says it will work on tightening enforcement of the OAuth system it uses for linking Google accounts to third-party apps.

Last week, people were receiving emails containing a fake Google Docs link that appeared to come from someone they knew. Upon tapping the link, the user was taken to a page where they were asked to give permissions go Google Docs. This, however, wasn't the actual Google Docs coming from the Mountain View company, but a fake tool that sought to get account permissions.

Google dealt with the problem within an hour of getting the first reports, but by then plenty of people had tapped the link. Thankfully, removing permissions for the app was quite simple.

Read more