What you need to know about Google Docs phishing scam
Google said the spam campaign affected “fewer than 0.1%” of Gmail users.
Do these satellite images prove North Korea is about to carry out another nuclear test? Here, Google Docs is a fake third party app. The company has pushed updates through Safe Browsing, and the concerned team is working to prevent such spoofing in future. If that’s the malicious app that’s gotten access to your account after you clicked on the link it should have a recent ‘Authorization Time.’ Now, click on that Google Docs app and click ‘Remove’.
In recent days a sophisticated phishing scam that asks for permission to access files stored in Google Drive has been spreading online. Doing this would take the users to a “legitimate” Google sign-in screen, reported The Guardian.
If you want to check any apps related to your Google account, you can go to myaccount.google.com, go to Sign-In and Security, then Connected Apps. Security experts say the hackers were likely able to steal millions of email addresses stored in victims’ contacts folders, apparently the objective of the scam. Without even gaining an access your account with a password, the phishers could harm your data.
“The site you are trying to visit has been identified as a forgery meant to trick you into disclosing financial, personal, or other sensitive information, ‘ the notice states”. The app accesses all your contacts and sends them a similar fate.
The phishing scam impacted Google email accounts across the country, including those at the University of Minnesota.
“Entering information they actually were giving permission to an app that was not a Google app”, Merchant said.
“In this new version, an email hits your Gmail inbox with the subject line “(name) has shared a document on Google Docs with you”.
Google has reportedly taken steps to combat the attack by disabling offending accounts and pulling out fake pages.