Google Drive starts warning users about suspicious files

Google has announced on Thursday that it has started warning users when they open potentially suspicious or dangerous files hosted on Google Drive.

Google Drive suspicious files

“We will display a warning banner to help protect [users] and their organization from malware, phishing and ransomware. These warnings are already available when opening Google Docs, Sheets, Slides, and Drawings,” Google noted.

Administrators and end users don’t have to do anything – the alerts will start appearing within 15 days.

Why malicious actors love cloud storage apps

The introduction of Google’s new protective measure comes a week after Netskope’s January 2022 Cloud and Threat Report revealed that cloud-delivered malware is now more prevalent than web-delivered malware, and that Google Drive emerged as the app with the most malware downloads in 2021, taking over that spot from Microsoft OneDrive in 2020.

Attackers create free Google Drive or OneDrive accounts, upload malicious files, and then share them either with specific victims or the wider public (e.g., a link to them may be shared on a compromised website or in a forum post).

“The features of cloud storage apps that make them attractive as a malware delivery platform are their popularity and ease of use,” the company noted.

“Attackers want to maximize the likelihood of their attacks reaching their victims, so they choose to abuse the most popular cloud apps to deliver malware payloads. Similarly, users on average will be more likely to download content hosted on familiar apps. For example, an average user would be more likely to click on a link to download a file from Microsoft OneDrive than a service like AnonFiles.”

Don't miss