Today, Google announced that it is taking steps to add further protection from unverified and malicious apps.
After an advanced phishing worm hit Google Drive users in May, the company made a commitment to help protect it’s users from future attacks. Google has already taken steps to make it more difficult for people to write malicious apps and pass them off as legitimate by strengthening its developer registration systems, and with today’s update, it makes it even more so.
According to the announcement, “Beginning today, we’re rolling out an “unverified app” screen for newly created web applications and Apps Scripts that require verification. This new screen replaces the “error” page that developers and users of unverified web apps receive today.
The “unverified app” screen precedes the permissions consent screen for the app and lets potential users know that the app has yet to be verified. This will help reduce the risk of user data being phished by bad actors.”
Ultimately, these two steps will make it more difficult for erroneous apps to plug into Google services and also help users identify dangerous code posing as legitimate.