Today, it’s Google. Tomorrow, you can expect attackers to attempt this on every 2FA platform that uses some kind of single sign-on.
This is a tough attack method to crack. The pages look identical. The process looks identical. So, the only thing that would stand out is the potentially abnormal email request to view something in the user’s Google account.
Users should be educated to be mindful of emails that take them to any kind of logon page on the web. Just because they are prompted to authenticate, doesn’t mean they just blindly should. Ongoing Security Awareness Training can help users stay current with attack trends, methods, and techniques used, empowering them to know when they see something that just isn’t right, and how to avoid falling for even the most realistic scams that capture 2FA.