Spam campaign targets Google users with malicious link
- Author: Carolyn Briggs May 04, 2017,
May 04, 2017, 23:09
The email says it has a Google Docs link for you to open.
The link takes internet users to what appears to be a real Google page that asks for permissions across Google accounts. You should revoke permission for the "Google Docs" app that you have granted by clicking on the link.
Because the attack gains access to a user's account through official means-though by misrepresenting itself-it can bypass typical security measure likes two-factor authorization and login alters.
A small number of teachers and staff members in Fayetteville School District are among those who have received spam email associated with the Google phishing scheme, Fayetteville spokesman Alan Wilbourn said.
Hackers created a malicious app and named it "Google Docs", which looked trustworthy. But in a statement late Wednesday, Google said that while the campaign accessed and used contact information, no other data was apparently exposed.
If you haven't clicked the link in the e-mail, closed the tab before hitting the "Allow" button, or pressed the deny button instead, then you are okay.
Locate the "Google Docs" app. Take a look at any of those apps and delete any that may be suspect or any you don't recognize.
It is not clear who sent out the malicious emails or how many users have been affected by the attack.