Criticle News

Google Docs phishing attack

posted May 3, 2017, 3:17 PM by Ken Gribble   [ updated May 3, 2017, 3:20 PM ]

Please be on the lookout for a Google Docs phishing email. The email invites you to collaborate in a Google Doc with the click of a link.

"When you click the link, you go to Google’s real login page. The problem is that after you’ve entered your password there, you’re redirected to a malicious third-party site. (In my case, it would have been “googledocs.docscloud.info,” which is not a Google site.) This page asks you to grant it permission to access your email account.

If users don’t realize they’ve been redirected to a non-Google site, they inadvertently give hackers the ability to read their emails and send out emails on their behalf. Malicious software then accesses a user’s address book and sends out more phishing emails to all the victims, repeating the cycle."

Including this part of the article:

What to do if you fall prey to the attack

Hopefully you read this article before you fell prey to the Google Docs phishing scam. But what should you do if you’re coming to this article after you’ve already clicked the link and granted permission to the malicious software?

It never hurts to change your password, but experts say that won’t help in this case. Rather, what you need to do is revoke the permissions you unknowingly gave the malicious app to your account. To do that, go to the Google app permission page and look for the app called “Google Docs” — it’s not the real Google Docs. Click on that app and then click “Remove.”

1-1 of 1