Google Docs Used In Latest Phishing Scam
Follow CBSMIAMI.COM: Facebook | Twitter
MIAMI (CBSMiami) – If you received an email about opening a link to a Google Document, chances are it's part of a widespread phishing scam going around.
Google tweeted that users should not click if they see a suspicious Google Docs invite.
Several people in our newsroom have received the email.
Many of the emails include the address in "hhhhhhhhhhhhhhhh@mailinator.com" in the "send to" section.
Users who click the fraudulent link are brought to a Google page where they are asked to grant "Google Docs" access to all of their Google accounts. This gives hackers an open door to read and send their emails and private documents.
Google said in a statement sent to CBS News that by late Wednesday afternoon it had disabled accounts associated with the phishing attempt.
"We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts," the company said. "We've removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail."
Phishing scams are nothing new for Google users and this one appears to be targeting mostly journalists and educators.
If you clicked on the link and granted the app access, your personal information may have already been exposed, but you can still revoke access:
- Go to myaccount.google.com/permissions
- Find the app called "Google Docs"
- Revoke all permissions
