Qiyu chen, Xiaomin Dong, Chenhui Lai, Xinteng Chen, Vittorio DiPentino


1 Google Mail Hack
Qiyu chen, Xiaomin Dong, Chenhui Lai, Xinteng Chen, Vittorio DiPentino

2 What Happened?
Phishing scam.
Sharing a Google Doc by trusted accounts to gain permission to access.
1 million users were affected.
Google stopped the scam in one hour.
tech/google-phishing- s-attack-gmail-scam-link- doc-invitation-hack-a html breaches hack-phishing-attack.html

3 Impact on Google (Risk)
Hackers attack Gmail accounts.
Disclosure of personal information.
It also affects businesses that use Google’s service.
The worm arrived in the user’s inbox through email.
The worm also sent itself out to all of the affected users' contacts.
Caused a million users to suffer serious damage.
Potential disaster: Hackers can collect data from users’ contacts and change their password on other accounts. Hackers can take over the user's Amazon, Facebook, or online bank account by collecting any personal data that the user has ever sent or received, by emailing them and having them reset their password on other service accounts.
Some malicious mail from users’ known email, manipulate Google's real login system.

4 Root Cause
Tricked the user into granting permissions to a third-party application.
No security alert from Google.
Weak security awareness of users.

5 Missing Controls
Awareness: Understand what is at risk. Recognize suspicious activity.
Cyber-intelligence Services: Used to identify on-line threats and misrepresentations. See an influx in traffic.

6 Recommendation
1. Be cautious of any app asking for access to your information.
2. The importance of immediate response.
3. Be vigilant, and when in doubt, don’t click.

1. There are a TON of websites and apps out there that ask for your information. What was notable about the Google attack was that it gained access to your information indirectly through a legitimate, trusted service. This is possible because companies like Google, Facebook, Twitter and Microsoft all work with 3rd party websites and app providers. Have you ever downloaded an app that says: “Sign in with Facebook” or “Sign in with Google”? By using those options, you’re allowing Facebook or Google to share certain information about you with another service, without giving away your password. Most of the time, this is a really convenient service, allowing you to access many websites without separate login credentials. The problem is that it has become so commonplace that we don’t always think before clicking “Allow.” The Google attack is a good reminder to be cautious of these types of 3rd party requests, because copycats will certainly try the same trick.

2. Despite how fast the attack spread, Google minimized the damage by responding immediately. If you look at this report from a Reddit user, you can see how quickly a Google employee jumped on the thread and elevated the issue to the appropriate team. The threat was resolved in less than an hour, and only .1% of Google’s users were affected. Other businesses should learn from this example. Not only did Google’s team have the technical expertise to stop the threat, but they were accessible and even actively listening to their users. Businesses need to have a plan in place so they know how to respond in the event of a cyber attack. Additionally, they need to have a reliable IT resource who they can reach immediately and who they can rely on to solve the issue quickly and effectively.

3. Hackers and cyber criminals are always coming up with new ways to try to compromise your information. We share a lot of information with companies like Google, and while their teams are doing their best to protect that information, they can’t catch everything. Ultimately, it’s still up to you to pay attention and avoid putting your personal or business information in danger. If there’s ever any doubt about a link or you’re not SURE you can trust a sender, don’t click. Better yet, report anything that looks suspicious. Even an email from someone you know may not be safe – it’s better to pick up the phone and verify it than take the risk. Phishing attacks often rely on people clicking without thinking, so be careful what you click!
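Recommendation 1 and the root cause on slide 4 both come down to reviewing what third-party apps have been allowed to do. The sketch below is an added example, not part of the original presentation: it triages a list of app grants for mail or contact access held by a non-first-party publisher. The grant records, the `FIRST_PARTY_DOMAINS` allowlist and the brand-name check are assumptions made for illustration; the scope strings are real Google OAuth scopes.

```python
from dataclasses import dataclass

# Google OAuth scopes that expose mail or contacts, with a plain-language meaning.
SENSITIVE_SCOPES = {
    "https://mail.google.com/": "full Gmail access",
    "https://www.googleapis.com/auth/gmail.readonly": "read all mail",
    "https://www.googleapis.com/auth/gmail.send": "send mail as the user",
    "https://www.googleapis.com/auth/contacts": "read and edit contacts",
    "https://www.googleapis.com/auth/contacts.readonly": "read contacts",
}
FIRST_PARTY_DOMAINS = {"google.com"}             # hypothetical allowlist
BRAND_WORDS = ("google", "gmail", "docs", "drive")  # assumed lure wording

@dataclass
class Grant:
    user: str
    app_name: str
    publisher_domain: str
    scopes: tuple

def triage(grant):
    """Return the reasons a grant deserves review (empty list = no finding)."""
    reasons = []
    first_party = grant.publisher_domain.lower() in FIRST_PARTY_DOMAINS
    hits = [SENSITIVE_SCOPES[s] for s in grant.scopes if s in SENSITIVE_SCOPES]
    if hits and not first_party:
        reasons.append("third-party app holds: " + ", ".join(hits))
    if not first_party and any(w in grant.app_name.lower() for w in BRAND_WORDS):
        reasons.append("app name imitates a trusted brand")
    return reasons

def users_to_notify(grants):
    """Users holding a grant that is both brand-imitating and mail/contact capable."""
    return sorted({g.user for g in grants if len(triage(g)) == 2})

# Constructed sample records, not data from the incident.
SAMPLE_GRANTS = [
    Grant("alice@example.com", "Google Docs", "docs-share.example",
          ("https://mail.google.com/", "https://www.googleapis.com/auth/contacts")),
    Grant("bob@example.com", "Calendar Helper", "helper.example",
          ("https://www.googleapis.com/auth/calendar.readonly",)),
    Grant("carol@example.com", "Mail Merge Tool", "merge.example",
          ("https://www.googleapis.com/auth/gmail.send",)),
    Grant("dave@example.com", "Google Drive", "google.com",
          ("https://www.googleapis.com/auth/drive",)),
]

if __name__ == "__main__":
    for g in SAMPLE_GRANTS:
        print(g.user, g.app_name, triage(g) or "ok")
```

Grants with two findings are the ones to revoke first and the users to contact; a single finding is a prompt to ask the user whether they still need the app.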

