Phishing attacks typically involve luring a user into clicking a nefarious link or persuading them to fill out an unknown form, which hands the attacker the user’s personal credentials. Attackers have repeatedly used Google Docs to perpetrate such phishing attacks against the University of Oxford. This forced the university to block the service altogether.
Filtering out suspicious URLs that attempt phishing attacks is easy if their traffic is not encrypted. However, all Google Docs traffic is encrypted. That made it harder for the university’s cyber security team to filter out suspicious forms hosted on Google Docs.
So the University of Oxford asked Google to take down the forms that were being used for phishing. Google, however, was quite slow in responding, which meant that every passing hour increased the number of prospective victims of the attack.
To resolve the matter on its own, the university blocked Google Docs in its entirety. This was a dire measure but it was needed, the university administration says. If phishing attacks spread unattended and lead to malware accessing the email accounts of students and staff, popular email services can end up blocking those accounts. And that could be disastrous for everyone at the university.
However, within two and a half hours of blocking Google Docs, it became clear that faculty and students relied heavily on Google Docs because of the service’s tight integration with other Google services. As a result, the Computer Sciences department had to revoke the ban while promising to explore other ways of countering the phishing attacks.
Source: University of Oxford
Courtesy: TNW