«
»

PSA: Don’t click that Google Docs link!

If you get an email sharing a Google Docs file with you, I have some advice: Don’t click it!

This is a widespread phishing campaign that started on Wednesday. The malicious email contains what appears to be a link to a Google Doc file. This leads to a legit Google.com page asking you to authorize “Google Docs” to access to your Gmail account. The problem is that this takes control of your Gmail account and in the process, it sends out the same malicious email with your name on it and pillages your contact lists.

If you’ve been pwned by this attack already, you need to go into your Google account permissions page and remove all the access privileges for the evil Google Docs account. Google has apparently locked things down so that this attack doesn’t get worse. But expect it to be around for the next couple of days. That begs the question, why didn’t Google lock things down as a proactive measure?

This entry was posted on May 4, 2017 at 10:13 am and is filed under Commentary with tags , . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “PSA: Don’t click that Google Docs link!”

  1. #Fail: Google Warned About Mass Phishing Attack SIX YEARS AGO | The IT Nerd Says:
    May 5, 2017 at 8:20 am

    […] attack aimed at Gmail users was stunning in terms of scale and how effective it was. At the time, I said […]

    Reply

Leave a Reply

Discover more from The IT Nerd

Subscribe now to keep reading and get access to the full archive.

Continue reading