⚡ Get All Content for 20% Off ⚡

After Docs Phishing Scam, Google to Call Out Unverified Apps Google is rolling out a new 'unverified app' warning screen, which will appear when you encounter web apps Google has not confirmed as authentic.

By Angela Moscaritolo

entrepreneur daily

This story originally appeared on PCMag

Shutterstock

Google is beefing up security following the major Docs phishing scam in May.

The Web giant is rolling out a new "unverified app" warning screen, which will appear when you encounter web apps that have not yet been confirmed to be authentic by the company.

"This app has not been verified by Google yet," the screen reads. "Only proceed if you know and trust the developer…unverified apps may post a threat to your personal data."

Google currently displays an error page when users and developers try to access unverified web apps. In a blog post, Google identity team member Naveen Agarwal and G Suite Developer Advocate Wesley Chun said the change "will help reduce the risk of user data being phished by bad actors."

The new warnings come after online miscreants in May launched a phishing campaign targeting Google accounts. Victims received fraudulent emails that included what appeared to be a Google Docs link. Clicking the purported Google Docs button in the message took users to an actual Google page, which asked them to grant access to an app masquerading as Google Docs. Those who granted permission inadvertently gave attackers full access to their email messages and contacts.

In the coming months, Google plans to extend the verification process and new warnings to existing apps as well. That means developers of some current apps "may be required to go through the verification flow," Agarwal and Chun wrote.

"We're committed to fostering a healthy ecosystem for both users and developers," they added. "These new notices will inform users automatically if they may be at risk, enabling them to make informed decisions to keep their information safe."

Meanwhile on the security front, researchers at social media security firm ZeroFOX over the weekend disclosed a "large-scale, spam pornography" Twitter botnet called Siren.

The company identified more than 8.5 malicious million tweets from nearly 90,000 accounts related to the campaign, making Siren "one of the largest malicious campaigns ever recorded on a social network." Links in the tweets redirected users to websites that encouraged them to "sign up for subscription pornography …or fake dating websites" known to be scams.

ZeroFOX said the campaign, which has now been shut down, was "incredibly successful," generating more than 30 million clicks from victims. The company notified Twitter and Google about the issue, both of which have removed the offending accounts and links.

Angela Moscaritolo has been a PCMag reporter since January 2012. 

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Side Hustle

The Remote Side Hustle a 43-Year-Old Musician Works on for 1 Hour a Day Earns Nearly $3,000 a Month: 'All From the Comfort of Home'

Sam Ziegler wanted to supplement his income as a professional drummer — then his tech skills and desire to help people came together.

Marketing

Ever Wonder Why Certain Websites Rank Higher Than Yours? This SEO Expert Reveals The Secret to Dominating Search Results

It's often the smart use of SEO, now supercharged with AI, particularly in keyword optimization.

Leadership

Former Interrogator Shares 5 Behaviors Liars Exhibit and How to Handle Them

Five deceptive behaviors to look for and how to respond to those behaviors when you encounter them.

Business News

AI Is Impacting Jobs. Here Are the Gigs Affected the Most, According to an Analysis of 5 Million Upwork Postings

The researcher said in the report that freelance jobs were analyzed first because that market will likely see AI's immediate impact.

Business Ideas

55 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.