Google warns of phishing email spreading in Docs

Google customers are being targeted by a malicious email that appears to be a Google Docs page from a trusted sender, the company said in a statement on Wednesday.

A spokesperson for Google said in a statement that the company has disabled the accounts where the hack originated. The email looks legitimate; however, when users click on the link to open the Google Doc, the scam collects personal information about the user. This attack can spread quickly - the fake Google Docs app can read your contacts and send more phishing attempts to your contacts.

Duff added that while most phishing scams are financially motivated, the reason behind this attack is not yet clear. When a user clicks on the link, it takes them to a real Google-hosted page with a ready list of their Google accounts to click. "Usually things like that, especially with Google, they usually don't want to tap into your information", Smith says.

Numerous emails include the address "hhhhhhhhhhhhhhhh@mailinator.com" in the "send to" section. If you think you've clicked on a spam email, you can go to g.co/SecurityCheckup to remove apps you don't recognize and check your Google app permissions.

On clicking the link users are directed to a phishing page which looks exactly like the Apple support page and are then asked to enter their ID and password. The emails have all come from a Mailinator email address ([email protected]). When opened, the link requests permission to access the user's entire account. The hackers behind Tuesday's attack appear to have built an actual third-party app that leveraged Google processes to gain account access.

Not only that: the app will soon start spreading the worm and shoot emails to all your contacts, thereby setting the whole process in motion again.

The cybersecurity firm Trend Micro noted that it's not the first time this type of spear phishing campaign has been used.

To avoid the possibility of a phishing attack affecting you, you can set up a security key or two-step authentication, to increase your Google account's security.

"Attackers are becoming increasingly cleaver [sic] with their tactics and organisations, and security tools must change the way they identify threats as new systems and methods are developed by nefarious actors".

  • Arturo Norris