Google Docs scam targets one million email accounts
When you clicked to open the document, you’d be taken to an innocent-looking web page hosted by Google. It gradually gained control of victims’ whole email histories and spread itself to all of their contacts.
In a series of tweets from the official Google Docs account, the company stated, “We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again”.
Usually, phishing scams are relatively small-scale and aren’t worth reporting on, but we soon discovered warnings on Twitter and even Buzzfeed describing the same emails the station received. If users click the “Open in Docs” button in the email, it takes them to a legitimate Google sign-in screen that asks to “continue in Google Docs”. Next, you should change your password.
It’s a phishing scam disguised as a genuine email with a link to Google Docs.
Some of the emails are addressed to “firstname.lastname@example.org” and the target’s name is in the BCC field. The vulnerability was exposed for only about one hour, and affected about 1 million users.
Google took this issue seriously and disabled the application to fix it.
If you see a “Google Docs” app in your permissions, this is the malicious app.
Thousands of employees at multiple organizations that use Google for email have reported the unsafe email phishing scam today.
First, an email invitation is sent to the victim from a person they may know.
Don’t click on any links in the email.
Affected individuals who clicked “allow” should revoke access to the fake Google Docs app right away, JakeSteam recommends. Typical phishing attacks trick the user into handing over personal information, but this one was far more sophisticated.