Skip to content

May 13, 2017

Google has changed its developer guidelines to protect users against phishing attacks

by John_A

Taking steps to prevent future phishing scams.

Google has updated its app identity guidelines and put new review processes and restrictions on web apps that request user data in response to the phishing scam that popped up last week. It’s all outlined on the Google developer blog, which outlines the new steps web app developers will need to abide by in order to help Google and its users better detect spoofed or misleading app identities.

new-google-logo.jpg?itok=9cilKqtM

On May 3, you may have received some suspicious emails with convincing Google Doc links. This was a phishing scam concocted by a third party developer who managed to create a web app that convincingly mimicked Google Docs and quickly spread, spammed users with links requested access to send and receive emails on users’ behalf, along with general access to accounts.

To Google’s credit, it took immediate action and had disabled the offending accounts little over two hours after users first started reporting the issue on social media. In its official response, Google stated it was working on new measures to prevent such things from happening again.

These changes are now in place and may affect how developers go about registering new applications or modify existing applications. The new review process includes a manual review for some web applications asking for data permissions, which Google says may take up to 7 business days to process. Developers will be able to continue testing their applications with accounts registered as an owner or editor of the project, but public accounts will get an error message instead of a permissions consent page.

These changes might be a bit frustrating for those developers who have no malicious intent, but should prevent future phishing scams. Meanwhile, as users, we should always be paying attention to those app permission windows whenever they pop up.

[custom:

Advertisements
Read more from News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: