ALERT!-Google Docs Phishing Attack-ALERT!

Published On May 4, 2017 | By Tom Huskerson | Alerts

Right now millions of email users are getting a seemingly innocent email asking them to view a Google Docs file. DO NOT CLICK ON IT! DELETE IMMEDIATELTY!

The email takes the user to an excellent replica of the Google Docs page you would normally see. The hackers are so clever they have copied the newest version of the page. To make matter worse the URL or web address is very close to the real Google Docs web address. The email itself will look as if it came from a legitimate email address and even uses a .gov email address.

The email does not deliver any malicious malware that we know of. But it does steal user names and passwords.

In a statement a Google PR representative said; “We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”

Google sent out another statement, this time directly from Google that read; “We realize people are concerned about their Google accounts, and we’re now able to give a fuller explanation after further investigation. We have taken action to protect users against an email spam campaign impersonating Google Docs, which affected fewer than 0.1% of Gmail users. We protected users from this attack through a combination of automatic and manual actions, including removing the fake pages and applications, and pushing updates through Safe Browsing, Gmail, and other anti-abuse systems. We were able to stop the campaign within approximately one hour. While contact information was accessed and used by the campaign, our investigations show that no other data was exposed. There’s no further action users need to take regarding this event; users who want to review third party apps connected to their account can visit Google Security Checkup.

If you have recieved the suspect email there are a few things you can do.

  1. Do not click on it even if it comes from someone you know. Always be suspicious of links and attachments you are not expecting or do not know where they come from. Anytime you get an email containing a link or attachments contact the sender and ask what is it. They may not know their email is being used to send out spam or malware.
  2. Use multi-factor authentication. Many websites offer multi-factor authentication. It is simply and extra step to protect you on the web. The system often works by sendng a second code via a text message to your smartphone. This is great when you are using a computer you don’t normally use and can prevent hackers from accessing your accounts or stealing passwords.
  3. If you have already clicked on the suspect email or are not sure then you can cancel third party access by visiting this Google site. Also change your Google passwords.
  4. Finally report the incident by clicking the downward arrow at the top right of your inbox and selecting “Report Phishing.”

Remember, try to avoid catching “click around fever.” This is the compulsion to click on links or attachments in your email or visit websites just out of curiosity. Many malware infections and viruses can be had by what’s commonly known as a drive by download.  This means the instant you click on the wrong thing or visit the wrong website you’re infected.

Like this Article? Share it!

About The Author

Tom Huskerson Bio Born in Richmond Virginia Tom Huskerson is a military veteran who settled in California after his discharge. He attended Santa Barbara City College where he began his writing career as a campus reporter. He worked as an intern news reporter for the Santa Barbara News-Press writing feature stories before moving on to San Francisco. At San Francisco State University Tom studied broadcast communications and began to focus on the Internet. He completed his graduate thesis on Internet advertising. Tom was the first student to ever focus on the Internet as a graduate student at San Francisco State University. After graduation he went to work for Zona Research in California’s Silicone Valley. As a research associate Tom supported senior analyst writing on the latest developments in the Internet industry. During the dot com boom Tom worked for several web businesses as a market researcher and analyst. As a writer and researcher Tom has authored various technical works including a training program for Charles Schwab security. Other projects included professional presentations on workplace violence and hiring security contractors. Tom has returned to focus on writing both fiction and non-fiction works and blogging for a travel website. He has published two books of short stories and completed two novels. Tom is the owner of Scribe of Life Literature and EbonyCandle. Most recently Tom has launched the blog African American Cyber Report. The blog is the result of his desire to inform the African American community of the dangers and benefits of the cyber age. In his blog Tom reports on information security, new and analysis, scams and hoaxes, legal happenings and various topics that arise from the age of information. Tom believes that technology is a necessary tool for black people and they should know what is happening. Tom writes believing that techno speak is for the professional and that valuable information can be communicated using plain language. As a result he has embraced the motto, Less Tech, More Knowledge.

Leave a Reply

Your email address will not be published. Required fields are marked *