There’s an old American adage – “never bring a knife to a gun fight.” Google proved this to be radically true after the substantial phishing attacks that cause so much damage to consumers in recent months. The scams targeted Google Drive users who opened apparently attached documents from friends, only to find that they had been caught in a phishing scam. Google has recently stepped up their game by issuing new controls for plug-ins and third party apps.
Plug-ins are necessary components for games and other functions for social and business apps. Since they’re embedded in so many places, it’s tough making users slow down and read rather than simply granting access. Google is creating a system whereby users would have to validate plug-ins and third party apps before they are approved. The method Google is employing is a validation screen that will pop up anytime an unverified app is loaded. Users will have to type out the word ‘continue’ in order to proceed.
Google’s AI Attempts
While this isn’t the first attempt to stop phishing by Google, it does include some additional measures like machine learning in order to bolster the protection Google offers. The new system would provide scans of incoming invitations to collaborate in order to potentially add a secondary layer of protection for user.
The company certainly can’t sit still, as the potential for phishing attacks is on the rise. The recent Drive phishing attacks are only one of the many potential threats. Phishing has been on the rise, and the potential for other threats is constant. Loopholes where phishing can get in seem to proliferate. Plug-ins have become the favorite vehicle for phishing attacks, and the company must continue to provide layers of protection and warning to consumers. In fact, the company is planning on including verifications for all the rest of its apps in the months to come.
Phishing for the Big One
While phishing has come to mean notes in your inbox about Nigerian princes, the reality is that individual users are now facing complex and coordinated phishing attacks with very convincing UI’s. Consumers can’t simply rely on Google to screen and protect every point of access. They need to verify apps personally, and should be careful to manage their content and app loading better. A single slip could cost consumers big, as impostors seek to manipulate markets both inside and out.