"Attackers Unleash OAuth Worm via 'Google Docs' App"
Security researchers have discovered a new “Google Docs” phishing campaign that attackers have launched to deceive Google users into logging in and granting permission for the application to access their account permissions. This phishing campaign quickly evolves into a worm if the fraudulent app is granted authorization by the user, allowing distribution to contacts. Although this attack was soon terminated by Google, about 1 million users may have still been affected. This article further discusses how the attack performs, details of the OAuth Worm, what cybercriminals behind this attack could do with the stolen information as well as the importance of users being cautious of what they click on.
BankInfoSecurity reports "Attackers Unleash OAuth Worm via 'Google Docs' App"