Do NOT Open Link in Unexpected Email with Google Docs Link Button!

There is an evil new phishing spam going around that is using Google Docs to do its dirty work. The subject is along the lines of “(Someone) has shared a document on Google Docs with you” – in many of the samples it is ‘Brett Schager has shared a document on Google Docs with you.” Many of the samples are also sent “to” hhhhhhhhhhhhhhhh@mailinator.com (you receive it because you are in the bcc: field).

The most important thing we can tell you is DO NOT CLICK ON THAT BUTTON that says ‘Open in Docs’!

The thing is, in this case even hovering over the link to see the actual URL won’t save you, because the link really does go to Google Docs. And that’s the diabolical genius of this particular spam. It’s a real Google Docs link. It just happens to go to a malware payload.

Pssst! Get notified of new TIP articles here:

The way that the bad guys did this, explains The Verge, is “this grants permissions to a (malicious) third-party web app that’s simply been named “Google Docs,” which gives phishers access to your email and address book.”

In a statement issued on Twitter, the Google Doc team said:

“We have taken action to protect users against an email impersonating Google Docs and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”

This was several hours after the email hit people’s inboxes (and just 1 hour and 45 minutes before the writing of this article), so the odds are good that quite a few people were taken in by the phish.

So, if you did in fact click on that button, or otherwise think you may have been infected, Google says that you can go here in your Google account to secure your account.

Summary

Article Name

Do NOT Open Link in Unexpected Email with Google Docs Link Button!

Description

There is an evil new phishing spam going around that is using Google Docs to do its dirty work. The subject is along the lines of "(Someone) has shared a document on Google Docs with you" - in many of the samples it is 'Brett Schager has shared a document on Google Docs with you." Many of the samples are also sent "to" hhhhhhhhhhhhhhhh@mailinator.com (you receive it because you are in the bcc: field).

Author

Anne P. Mitchell

The Internet Patrol is provided as a public service by the Institute for Social Internet Public Policy, and edited and primarily authored by Anne P. Mitchell who is an Internet security and privacy attorney.

(Hey! Please let us know if you liked this article by leaving us a comment!)

Recent Comments

Heidemarie Klimt-Grampp on Hate Meetup’s New Design? Here’s How to Still Find Group Calendars and Past Meetups with the New Site DesignI am a Meetup Group Organizer since 2009. The new design in 2018 is the worst I have experienced & I am so discouraged to go on that I may just return to email-organizing without this provider. Why is Meetup destroying a portal that was easy to move around on?...
Butch Kemper on “Why Can’t I Log Into My Account When I Know I am Using the Right Password?” This May be WhyI am bothered by applications assuming to best know how to establish rules about passwords: characters allowed, combinations allowed, number of characters, and frequency to update. I am an adult so let me make up my password and if my selection is poor, then it is my choice so leave...
Michael Alape on Online Audio of Southwest Pilot Tammie Jo Shults’ Communication with Air Traffic Control TowerTHE PILOT DEFINITELY AVERTED A TOTAL CATASTROPHE. HER TRAINING WAS CRUCIAL TO THE RESULTS OF SAVING OTHER PASSENGERS LIVES.
Bob Vaughan on “Why Can’t I Log Into My Account When I Know I am Using the Right Password?” This May be WhyI ran into a similar problem many years ago with an ATM card. It would work in some places, but fail in others. I eventually figured out that one of the ATM networks (I forget whether it was Star or Cirrus) was limiting the PIN to 4 digits, while my...
Lola L Schiefelbein on “Why Can’t I Log Into My Account When I Know I am Using the Right Password?” This May be WhyThank you! Have been through this so many times, in the last months--now, it's explained! Sanity saved! :>)
Easterneuropean on Has Your Gmail Email Disappeared? You’re Not AloneTransformation: Google >>> Oogle >>> Ugle >>> Ugly Those bastards are destroying my tiny business by allowing fantasy libel by criminals to be listed at the #1 top search result. Gmail is free and ugly and extremely confusing to a new user. Yet I must admit that if one tries...
NickT on Has Your Gmail Email Disappeared? You’re Not AloneWell, this just happened to me... about 5 years worth of business emails all vanished... WOW....
hiker on Hate Meetup’s New Design? Here’s How to Still Find Group Calendars and Past Meetups with the New Site DesignI am here to join the majority of meetup users who are extremely disappointed with the new design. I have been an organizer for 3-4 years now and this new design makes it much harder to post events and even harder to find what is going on in the meetup...
Chas on New Online Investment Scam Mimics Regulatory AgenciesIn reply to Barry, I have been approached by Arthur Balfour of Menden Hall Law Office, 1 Ashburton Place, Boston. This concerned the purchase of shares from many years ago. The firm does not appear to exist and the guy seemed in a bit of a rush...
Sandy Mary on How to Cancel the Kindle Unlimited Service on AmazonThank you

Do NOT Open Link in Unexpected Email with Google Docs Link Button!

You might also like some of our other articles:

Leave a Reply Cancel reply