Google® has revolutionized the modern office with its collection of IT-related business applications. At the core of it all is G Suite™ (formerly Google Apps for Work). The productivity platform consists of word processing, spreadsheets, presentations, calendars, and email all in one collaboration-focused grouping of productivity tools. But, because the email component of G Suite is prominent, people can be duped into phishing attacks. In order to mitigate risk, it may be time to eliminate the web G Suite Password reset.
Why is G Suite Popular?
G Suite compares favorably to other cloud software like Office 365™, because G Suite’s base price includes a lot more tools at a lower price than Office 365’s base price. G Suite offers word processing, spreadsheets, email and presentation tools for $5/mo while O365 offers just email at that price. While these tools are not generally as robust as their O365 counterparts, they’re enough for the majority of users out there.
Phishing for Creds
However, given the widespread adoption of G Suite, password resets for the platform have become a tool for phishing attacks. In phishing attacks, hackers mimic Google’s URL, then use these dummy sites to pretend they’re genuine Google websites. Phishing attacks attempt to glean personal data by claiming a user needs his/her password reset via email, then offers a phony website as a place to do so. Upon clicking said phony website and filling in the credentials, once the user hits submit, the password is sent over to the hackers. Some can even install malware on the duped user’s system and wreak even more damage.
The vast majority of internet users on the web believe they won’t ever fall for a phishing attack. They’ll claim they’re too internet savvy; that they can spot an imposter email from two computer screens away. But, some of those users are wrong. In their annual cyber security report, Verizon found that some 4% of people fall for phishing emails. And while that doesn’t seem like a very high figure, those who fall victim to a phishing attacks are more likely commit to the (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: https://jumpcloud.com/blog/eliminate-the-web-g-suite-password-reset/