A new Google Docs phishing scam was spotted a few hours ago and is spreading fast. The attack lets hackers take over the whole email account, including most personal details and information.
The scam works by sending an innocent-looking Google Docs link that appears to come from a genuine user. Clicking the link asks the user to select an account and then gives an attacker access to your Gmail account.
We therefore advise you not to click any Google Docs link unless you know it is safe and not related to this scam. If you have already clicked on such a link, check your account and change the password now.
This attack is not limited to Google accounts; it is also affecting businesses that use Google’s email service.
The email itself comes addressed to [email protected]. This is the only way to spot that it is a scam.
Phishing (or malware) Google Doc links that appear to come from people you may know are going around. DELETE THE EMAIL. DON’T CLICK. pic.twitter.com/fSZcS7ljhu
— Zeynep Tufekci (@zeynep) May 3, 2017
Google Docs has also confirmed the phishing email that appears as Google Docs, and has advised users not to click on the links and to report any such email as phishing within Gmail so that Google knows about it.
We are investigating a phishing email that appears as Google Docs. We encourage you to not click through & report as phishing within Gmail.
— Google Docs (@googledocs) May 3, 2017
How do you know if you have been hit?
If you clicked on something similar but are not sure whether you have been hit, check your Google Account’s permissions right now. There should not be an app called “Google Docs”. The actual Google Docs can access your account by default without a separate permission. If you see such an app there, remove it.
If you gave access to the attacker, they may have downloaded your emails and used your account to spam your contacts with the same phishing email, inviting them to open the fake Google Docs document. Ask your contacts to avoid any such email.
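For a business checking many accounts at once, the permissions check described above can be run over an export of users' app grants. The following is an added example, not code from Google or from this article; it assumes each record carries the `userKey`, `clientId`, `displayText` and `scopes` fields used by the Admin SDK Directory API tokens resource, and the sample records, client IDs and the scope list are constructed for illustration.

```python
import unicodedata

# Per the article, the real Google Docs needs no separate grant, so any
# granted app with this name is suspect. Extend the set as needed.
IMPERSONATED_NAMES = {"google docs"}
# Assumption: scopes treated here as mailbox or contact access.
SENSITIVE_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/gmail.readonly",
    "https://www.googleapis.com/auth/contacts",
}

def normalize(name):
    """Fold case, Unicode compatibility forms and spacing before comparing."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return " ".join(folded.split())

def suspicious_grants(grants):
    """Return grants whose display name matches an impersonated product name."""
    findings = []
    for g in grants:
        if normalize(g.get("displayText", "")) not in IMPERSONATED_NAMES:
            continue
        sensitive = sorted(SENSITIVE_SCOPES & set(g.get("scopes", [])))
        findings.append({
            "user": g["userKey"],
            "client_id": g["clientId"],
            "name": g["displayText"],
            "mail_or_contacts_access": sensitive,
        })
    # Accounts whose grant included mail or contact access come first.
    findings.sort(key=lambda f: (not f["mail_or_contacts_access"], f["user"]))
    return findings

# Constructed sample data, not taken from the incident.
SAMPLE_GRANTS = [
    {"userKey": "alice@example.com", "clientId": "placeholder-1",
     "displayText": "Google Docs",
     "scopes": ["https://mail.google.com/",
                "https://www.googleapis.com/auth/contacts"]},
    {"userKey": "bob@example.com", "clientId": "placeholder-2",
     "displayText": "Calendar Sync Tool",
     "scopes": ["https://www.googleapis.com/auth/calendar"]},
    {"userKey": "carol@example.com", "clientId": "placeholder-3",
     "displayText": "GOOGLE\u00a0 docs", "scopes": ["openid"]},
]

if __name__ == "__main__":
    for finding in suspicious_grants(SAMPLE_GRANTS):
        print(finding)
```

Every account returned should have the grant revoked; those listed with mail or contact access are the ones whose mailbox and contacts may have been reached.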
Update: Google has blocked the malicious app by disabling the fake app’s ID. Google’s abuse team is also working to prevent this kind of spoofing from happening again.