Tuesday, 12 December 2017
Latest news
Main » Google warns of phishing scam that impersonates Google Docs

Google warns of phishing scam that impersonates Google Docs

05 May 2017

According to online reports — in particular, a detailed user thread on Reddit — clicking on the share link was taking users to a site that asked permission for a fake app calling itself "Google Docs" to access their accounts. Since the bogus invitation is being routed through Google's real system, nothing is misspelled, the icons look accurate, and it's hard to know something's gone wrong until it's too late. Thousands of personal Gmail customers have also reported the same scam. "The subject line reads "[someone in your contacts] just shared a Google Doc with you", in the same way legitimate Google emails appear when Google Docs are sent between users.

Users who clicked a link and followed instructions, risked sending the email on to everyone in their address box.

As a result of the messages being passed on and shared between users, there's no indication at present of how far it has spread.

"We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts", Google said in an official statement.

For users who have only become aware of this attack now, there are steps you can take to check if you have been affected. "If phishers have made a realistic-looking fake, Password Alert instantly suggests that you change your password and secure your account as soon as you've made the mistake", the report adds. However, if you already clicked on the link, it's wise to set up a two-factor authentication using a cell phone number. The malware attack starts with a deceptive email invitation to edit a Google Doc, which is the popular app for writing and sharing files. If you see it there, remove it. Accessing your contacts, the attackers can then send out more phishing emails, their hooks spreading like wildfire.

"We are investigating a phishing email that appears as Google Docs", Alphabet Inc tweeted from its Google Docs.

A new update to the Gmail app for Android includes a feature created to warn users when they're being targeted by a phishing attack.