Published: Thu, May 11, 2017
Tech | By Constance Martin

Google Docs users hit by phishing scam

Google Docs users hit by phishing scam

If you receive an email sharing a Google Docs document with you, do not open it.

Do these satellite images prove North Korea is about to carry out another nuclear test?

According to some reports, these fake Google Doc links will take users to a genuine Google page to select an account.

Clicking on that link grants permission to a malicious third-party app to possibly access contacts and email, which could allow the spam to spread to additional contacts. There you will find a list of all the apps that have account access.

However, on Wednesday up to one million email accounts received a phishing email that tries to scam users into clicking a fake Google Doc email.

In an issued statement, a Google spokesperson said, "We've pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again".

If you clicked on the link and were affected by todays attack, Google says you should visit myaccount.google.com/permissions to revoke the “Google Docs” app. Google Docs doesnt require separate authorization as Gmail gives it by default.

Man City thrash Palace to move into third place
De Bruyne, for brief moment may have considered delivering a high ball to his captain, who could have headed toward goal easily. They tried but I think personal errors were the key factor, not the fact that they weren't trying to do the game plan.

The worm then sent itself out to all of the affected users' contacts, reproducing itself hundreds of times every time the link was clicked.

What appears to be Google Docs then asks for several permissions to access your account.

Google said in a statement sent to CBS News that by late Wednesday afternoon it had disabled accounts associated with the phishing attempt.

Thousands of employees at multiple organizations that use Google for email have reported the unsafe email phishing scam today.

Hackers created a malicious app and named it "Google Docs", which looked trustworthy. In particular, it shows each app and what information it can access.

In some way the scheme is similar to one we warned you about back in January.

It has disabled offending accounts, removed fake pages and updated its Safe Browsing feature, which issues warnings when users visit unsafe sites.

Like this: