moderated Google Docs invite phishing attack


 

Hi All,

This has nothing to do specifically with Groups.io. There's a phishing attack going on right now that's apparently fairly widespread, involving Google Docs invites. If you receive an unexpected invite to a Google Doc, don't click it, delete it.

As a reminder, and in general, you should turn on two factor authentication for all your accounts, including your email account and your Groups.io account.

Cheers,
Mark


 

Mark,

There's a phishing attack going on right now that's apparently fairly
widespread, involving Google Docs invites.
I got it twice today, both times in my remaining Yahoo Groups. One fortunately held pending in a fully moderated group, but the other went through on my (mostly) unmoderated alumni group.

Both with a very odd Received line. My first reaction was that both came through compromised Gmail accounts, but now I'm not sure if the Gmail accounts were actually compromised, or if this represents a kind of spoof that passes authentication tests.

X-Received: from 73997885975 named unknown by gmailapi.google.com
with HTTPREST;
The from is of an unfamiliar (to me) form, and access through an api suspicious.

Shal
https://groups.io/g/Group_Help
https://groups.io/g/GroupManagersForum


Dave Sergeant
 

Mark

I appreciate that two factor authentication is seen as a good thing
(although some query whether it is as secure as it is claimed to be).
For those of us who don't spend all their time staring at their smart
phones it is far from convenient. My PAYG mobile is only turned on if
and when I need to use it, very rarely, so I won't be enabling two
factor here.

I don't use Google Docs either - so any email I receive about that
would be instantly known to be spam.

Dave

On 3 May 2017 at 14:14, Mark Fletcher wrote:

As a reminder, and in general, you should turn on two factor
authentication for all your accounts, including your email account and
your Groups.io account.

http://davesergeant.com


 

Dave,

For those of us who don't spend all their time staring at their smart
phones it is far from convenient. My PAYG mobile is only turned on if
and when I need to use it, very rarely, so I won't be enabling two
factor here.
The second factor is only required the first time you access Groups.io from a given browser/device -- not on every sign-in. This makes it far less arduous than you're imagining. It primarily happens when you bring up a new device/machine or install a new browser (or use someone else's computer). Unless you routinely use public computers or for other reasons frequently flush your browser's memory.

I don't use Google Docs either - so any email I receive about that
would be instantly known to be spam.
You don't have to be a Google Docs user to know someone who might want to share a file with you.

Shal
https://groups.io/g/Group_Help
https://groups.io/g/GroupManagersForum


Brian Vogel <britechguy@...>
 

I guess it really depends on how you interact with cyberspace in general. I use Google Docs extensively, but were I to receive an invitation "out of the blue" from someone I didn't know it would be instant "electronic round file." I make it a point to let anyone that I will be sending an invitation to (which virtually never happens, I just make most things shareable to the world and send a link) that it will be forthcoming and expect the same. For myself, two-factor authentication is gross overkill and I don't use it and have no intention of doing so. Most vulnerabilities are the direct result of inadequate reflection on the part of the user before they take an action.


 

On Thu, May 4, 2017 at 12:22 AM, Shal Farley <shals2nd@...> wrote:

The second factor is only required the first time you access Groups.io from a given browser/device -- not on every sign-in.

Slight addition. The login cookie expires every 30 days, which means you have to go through the entire login process every 30 days.

Still, it's a good idea to add it if you can.

Thanks,
MarkĀ