There is an evil new phishing spam going around that is using Google Docs to do its dirty work. The subject is along the lines of “(Someone) has shared a document on Google Docs with you” – in many of the samples it is ‘Brett Schager has shared a document on Google Docs with you.” Many of the samples are also sent “to” hhhhhhhhhhhhhhhh@mailinator.com (you receive it because you are in the bcc: field).
The most important thing we can tell you is DO NOT CLICK ON THAT BUTTON that says ‘Open in Docs’!
The thing is, in this case even hovering over the link to see the actual URL won’t save you, because the link really does go to Google Docs. And that’s the diabolical genius of this particular spam. It’s a real Google Docs link. It just happens to go to a malware payload.
| Get notified of new Internet Patrol articles for free!
|
| Or Read Internet Patrol Articles Right in Your Inbox! as Soon as They are Published! Only $1 a Month! Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time! |
The way that the bad guys did this, explains The Verge, is “this grants permissions to a (malicious) third-party web app that’s simply been named “Google Docs,” which gives phishers access to your email and address book.”
In a statement issued on Twitter, the Google Doc team said:
“We have taken action to protect users against an email impersonating Google Docs and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”
This was several hours after the email hit people’s inboxes (and just 1 hour and 45 minutes before the writing of this article), so the odds are good that quite a few people were taken in by the phish.
| We know you're sick of ads on websites. But we still need to pay to keep the lights on for you. So instead of huge ads and video ads, we use smaller, plainer ads. Still, if you'd like to support the Internet Patrol but not the ads, please consider supporting us here: |
So, if you did in fact click on that button, or otherwise think you may have been infected, Google says that you can go here in your Google account to secure your account.
No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money.
That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Thank you!
| Get notified of new Internet Patrol articles!
|
Related articles:
If You Get the “Complete Required Actions” Email from GoDaddy Do NOT Open It!
Don’t Be Taken in by the Latest Wells Fargo Text Message Scam!
WARNING: Having Email Display Sender’s Contact Image and Info Helps Scammers Get in Through the Cracks
About the Amazon Gift Card in Your Mailbox Scam
URGENT WARNING: IRS and Social Security Administration Scam Phone Calls on the Rise