It’s trivial for a malicious actor with average skills to craft an email that looks like it’s coming from someone you know, or Google itself. Second, if someone is regularly receiving emails like this one, where they are prompted to click a button, it increases their chances of getting phished. First, it opens up the possibility that a document owner could, in a moment of distraction or haste, accidentally approve someone who shouldn’t have access. There are a couple of reasons why this could be dangerous.
If they request access, the owner of the document will receive an email like this, with a blue button in it, prompting them to “Open sharing settings” in order to provide that access to the requester:
If they click the link they’ll be brought to a page that says “You need permission” and instructs them to click a blue button that says “Request Access” on it. If someone with a Google account received a link to a file on Google Drive that they don’t have access to, they wouldn’t be able to open it.
0 kommentar(er)
