SUBSCRIBE
SUBSCRIBE
EXPLORE +
  • About infoDOCKET
  • Academic Libraries on LJ
  • Research on LJ
  • News on LJ
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Libraries
    • Academic Libraries
    • Government Libraries
    • National Libraries
    • Public Libraries
  • Companies (Publishers/Vendors)
    • EBSCO
    • Elsevier
    • Ex Libris
    • Frontiers
    • Gale
    • PLOS
    • Scholastic
  • New Resources
    • Dashboards
    • Data Files
    • Digital Collections
    • Digital Preservation
    • Interactive Tools
    • Maps
    • Other
    • Podcasts
    • Productivity
  • New Research
    • Conference Presentations
    • Journal Articles
    • Lecture
    • New Issue
    • Reports
  • Topics
    • Archives & Special Collections
    • Associations & Organizations
    • Awards
    • Funding
    • Interviews
    • Jobs
    • Management & Leadership
    • News
    • Patrons & Users
    • Preservation
    • Profiles
    • Publishing
    • Roundup
    • Scholarly Communications
      • Open Access

February 19, 2013 by Gary Price

Phishing Attacks Force Oxford University To Temporarily Block Access to Google Docs and Shares Comments About Company’s Lack of Response

February 19, 2013 by Gary Price

Over the years we’ve noticed that many times the only way to get action/reaction from Google on an issue is to take it public and in a big way. That’s what precisely what Oxford has done. Smart move.
From the OxCERT (Oxford U. Computer Emergency Response Team) Blog:

Why would we do such a thing, you might well ask. Surely Google Docs is a perfectly legitimate site, widely used by staff and students as part of their work and personal lives?
We know that. Unfortunately, it is also frequently used for illegal activities; importantly, illegal activities which threaten the security of the University’s systems and data.
[Clip]
So how can you stop your users reaching the phishing forms? Assuming that the phishing emails get past all your anti-spam and anti-malware defences, you essentially need to ask Google nicely if they could take the form down. That’s simple enough – Google’s own security team have advised us that the best way is to use the “Report abuse” link that’s at the bottom of each page. Easy enough.
Unfortunately, you then need to wait for them to take action. Of late that seems typically to take a day or two; in the past it’s been much longer, sometimes on a scale of weeks. Most users are likely to visit the phishing form when they first see the email. After all it generally requires “urgent” action to avoid their account being shut down. So the responses will be within a few hours of the mails being sent, or perhaps the next working day. If the form is still up, they lose. As do you – within the next few days, you’re likely to find another spam run being dispatched from your email system.

Near the conclusion of the post Oxford U. comes down very hard on Google.

We will also be pressuring Google that they need to be far more responsive, if not proactive, regarding abuse of their services for criminal activities. Google’s persistent failures to put a halt to criminal abuse of their systems in a timely manner is having severe consequences for us, and for many other institutions. If OxCERT are alerted to criminal abuse of a University website, we would certainly aim to have it taken down within two working hours, if not substantially quicker. Even out of official hours there is a good chance of action being taken. We have to ask why Google, with the far greater resources available to them, cannot respond better. Indeed much, if not all, of the process could be entirely automated – and part of their corporate culture is that their programmers and sysadmins should be automating common tasks such that they can devote efforts to more interesting matters. Google may not themselves be being evil, but their inaction is making it easier for others to conduct evil activities using Google-provided services.

Read the Complete Blog Post
UPDATE (2/19/2013, 12:35 pm): Although not directly on point, Google has just posted this item about their work to prevent account hijacking and reduce spam.

Coverage

  • Oxford Uni blocks Google Docs, points finger at Google over phishing fail (via ZDNet)
  • University of Oxford temporarily blocks Google Docs to halt phishing attacks against students and staff (via The Next Web)

Filed under: Data Files, News, Patrons and Users

SHARE:

AcademicGoogle DocsOxford UniversitySecurity

About Gary Price

Gary Price (gprice@mediasourceinc.com) is a librarian, writer, consultant, and frequent conference speaker based in the Washington D.C. metro area. Before launching INFOdocket, Price and Shirl Kennedy were the founders and senior editors at ResourceShelf and DocuTicker for 10 years. From 2006-2009 he was Director of Online Information Services at Ask.com, and is currently a contributing editor at Search Engine Land.

ADVERTISEMENT

Archives

Job Zone

ADVERTISEMENT

Recent Articles on LJ

Proud Boys Disrupt Drag Queen Story Time at San Lorenzo Library

Certified Sustainable | Sustainability

There Are No Lanes: Rural Libraries Do It ALL | Backtalk

Not Neutral | ALA Annual 2022

Prince George’s County Memorial Library System Targeted by Anti-LGBTQIA+ Vandalism

ADVERTISEMENT

Related Infodocket Posts

Journal Article: "Public Libraries as Community Health Partners"

The article linked below was recently published by Certified Public Manager® Applied Research Title Public Libraries as Community Health Partners Authors Melinda HodgesLibrary Director, Buda Public Library, City of Buda ...

New Research Article: "How Policies Portray Students: A Discourse Analysis of Codes of Conduct in Academic Libraries"

The article linked below appears in the July 2022 issue of College & Research Libraries. Title How Policies Portray Students: A Discourse Analysis of Codes of Conduct in Academic Libraries ...

Florida International University (FIU) Launches Open-Access Forensic Research Library

From FIU Announcement: Florida International University (FIU) has launched a first-of-its-kind resource for forensic science practitioners, students, researchers, and the general public. The Research Forensic Library provides access to thousands ...

"Book Banning and the First Amendment" (Video Recording of a Freedom Forum Event)

The video recording of Freedom Forum event about about book banning and the First Amendment was recorded at the Library of Congress on June 21, 2022. The discussion features: Suzanne ...

Educopia Partnering with Curtin University and OAPEN to Create a Community Governed OA Book Analytics Service for Publishers

From an Educopia Announcement: With more than AUD $1M in support from the Mellon Foundation, we at Educopia are excited to be working with collaborative partners at Curtin University  and ...

Just Released: U.S. Copyright Office Publishes Report on Copyright Protections For Press Publishers

From the U.S. Copyright Office: On June 30, 2022, the U.S. Copyright Office published a report titled Copyright Protections for Press Publishers. At the request of Senators Leahy, Tillis, Cornyn, ...

U.S. Census Releases 2021 Population Estimates: Nation Continues to Age as It Becomes More Diverse

From the U.S. Census: The last two decades have seen the country grow continuously older. Since 2000, the national median age – the point at which one-half the population is ...

Vision 2030: Library and Archives Canada Releases New Strategic Plan

From the LAC Website: Following two years of consultations, reflection and work, Library and Archives Canada (LAC) has unveiled its strategic plan, Vision 2030, defining the institution’s goals until 2030 ...

Journal Article: "The Financial Maintenance of Social Science Data Archives: Four Case Studies of Long-Term Infrastructure Work"

The article linked below was recently published by the Journal of the Association for Information Science and Technology (JASIST). Title The Financial Maintenance of Social Science Data Archives: Four Case ...

Library Futures Releases Policy Statement and Draft eBook Legislative Language: Mitigating the Library eBook Conundrum Through Legislative Action...

From a Library Futures Post by Kyle Courtney and Juliya Ziskina: Library Futures is excited to announce that we are launching our policy statement on eBooks. Current eBook licensing practices ...

How Can Data Librarians Support Data Communities? An Interview with Jordan Wrigley

From the Ithaka S+R Interview by Dylan Ruediger and Ruby MacDougall: Data communities provide social and practical incentives for scientists to voluntarily share and reuse data with colleagues. In order ...

Roundup (June 30, 2022)

ALPSP Awards for Innovation in Publishing 2022: Shortlist Announced (via ALPSP) Library Publishing Coalition Welcomes University of Kansas  and University of Delaware as New Members (via LPC) NLM Responds to ...

ADVERTISEMENT

FOLLOW INFODOCKET ON TWITTER

Tweets by @infodocket

ADVERTISEMENT

This coverage is free for all visitors. Your support makes this possible.

This coverage is free for all visitors. Your support makes this possible.

Primary Sidebar

  • News
  • Reviews+
  • Technology
  • Programs+
  • Design
  • Leadership
  • People
  • COVID-19
  • Advocacy
  • Opinion
  • INFOdocket
  • Job Zone

Reviews+

  • Booklists
  • Prepub Alert
  • Book Pulse
  • Media
  • Readers' Advisory
  • Self-Published Books
  • Review Submissions
  • Review for LJ

Awards

  • Library of the Year
  • Librarian of the Year
  • Movers & Shakers 2022
  • Paralibrarian of the Year
  • Best Small Library
  • Marketer of the Year
  • All Awards Guidelines
  • Community Impact Prize

Resources

  • LJ Index/Star Libraries
  • Research
  • White Papers / Case Studies

Events & PD

  • Online Courses
  • In-Person Events
  • Virtual Events
  • Webcasts
  • About Us
  • Contact Us
  • Advertise
  • Subscribe
  • Media Inquiries
  • Newsletter Sign Up
  • Submit Features/News
  • Data Privacy
  • Terms of Use
  • Terms of Sale
  • FAQs
  • Careers at MSI


© 2022 Library Journal. All rights reserved.


© 2022 Library Journal. All rights reserved.