Google warns of email scam that impersonates Google Docs
- Author: Arturo Norris
May 05, 2017, 10:54
Yesterday, millions of Gmail users became the targets of a phishing scam in which someone they knew sent a Google Doc for them to edit. So be on the lookout for an invite to share a Google Docs document.
JakeSteam on Reddit says that if you "click 'Google Docs,' it shows [you] it's actually published by a random gmail account, so that user would receive full access to [your] emails".
Once a user clicks that button, their email will send out messages to all of their contacts with a link just like the one they clicked, spreading the phishing scam further.
Those who have fallen for the scam should change their passwords and revoke the permission granted to the Google Docs app.
"We are investigating a phishing email that appears as Google Docs", the company tweeted from its Google Docs account on Wednesday.
Like all phishing practices, the attack was carried out by sending an email to Gmail users, with the attacker pretending to be someone they may know.
Clicking the link brings you to a screen that looks almost identical to a legitimate Google login screen. It then asks for permission to read, send, delete and manage users' email, as well as to manage their contacts. There is no indication of who created the phishing campaign, but Google responded to the attack quickly.
On Wednesday afternoon, "Google Docs" was a global trending topic on Twitter, meaning a lot of people were talking about the attacks.
Thousands of employees at multiple organizations that use Google for email have reported the risky email phishing scam today.
But in a statement, Google said that while the campaign accessed and used contact information, no other data was apparently exposed. The Verge reports that what asks for these permissions is nothing more than a web app named "Google Docs".
Google said it acted within one hour of the scam's appearance, but a lot of damage was done in that first hour.
The company continued: "We protected users from this attack through a combination of automatic and manual actions, including removing the fake pages and applications, and pushing updates through Safe Browsing, Gmail, and other anti-abuse systems".