Do NOT Open Link in Unexpected Email with Google Docs Link Button!

There is an evil new phishing spam going around that is using Google Docs to do its dirty work. The subject is along the lines of “(Someone) has shared a document on Google Docs with you” – in many of the samples it is ‘Brett Schager has shared a document on Google Docs with you.” Many of the samples are also sent “to” hhhhhhhhhhhhhhhh@mailinator.com (you receive it because you are in the bcc: field).

The most important thing we can tell you is DO NOT CLICK ON THAT BUTTON that says ‘Open in Docs’!

The thing is, in this case even hovering over the link to see the actual URL won’t save you, because the link really does go to Google Docs. And that’s the diabolical genius of this particular spam. It’s a real Google Docs link. It just happens to go to a malware payload.

The way that the bad guys did this, explains The Verge, is “this grants permissions to a (malicious) third-party web app that’s simply been named “Google Docs,” which gives phishers access to your email and address book.”

In a statement issued on Twitter, the Google Doc team said:

“We have taken action to protect users against an email impersonating Google Docs and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”

This was several hours after the email hit people’s inboxes (and just 1 hour and 45 minutes before the writing of this article), so the odds are good that quite a few people were taken in by the phish.

So, if you did in fact click on that button, or otherwise think you may have been infected, Google says that you can go here in your Google account to secure your account.

Summary

Article Name

Do NOT Open Link in Unexpected Email with Google Docs Link Button!

Description

There is an evil new phishing spam going around that is using Google Docs to do its dirty work. The subject is along the lines of "(Someone) has shared a document on Google Docs with you" - in many of the samples it is 'Brett Schager has shared a document on Google Docs with you." Many of the samples are also sent "to" hhhhhhhhhhhhhhhh@mailinator.com (you receive it because you are in the bcc: field).

Author

Anne P. Mitchell

Get notified of new Internet Patrol articles!

Recent Comments

Carol F on How to Create a Custom Repeating Event in Gmail CalendarHow do you set up a meeting to be held every 2nd & 4th Monday of the month even though there may be 5 weeks in a month.
Kiana Veasey on Are You Showing a Mystery Charge from 402-935-7733 via Paypal in Your Bank or Credit Card Account? Here’s WhyThis Paypal 402-935-7733< was a legit charge. I think you need to be sure to talk to the human, not in the robot. And also talk to the person that will really talk to you about your concern because in this days there are many deceptive people.
Teresa Arndorfer on How to Remove or Change the Email Address that Square Has for YouI need to change my email for receipts, but don't have any receipts to go to the bottom. Carrier was changed, so the receipts are going to la-la land.
Nicole on List of Words that Will Get Your Amazon Review RejectedFirst, thank you for the list! It is both useful and gave me a laugh. I've been with Amazon for around 4 years and write A LOT of reviews. Maybe one in 100 is rejected. I think that the person who left a product review that complained about the shipping...
TheMutt on List of Words that Will Get Your Amazon Review RejectedI was just banned for life today from leaving reviews and have no idea why, it is not as if I leave that many reviews.
agudeza on Hate Gmail’s New Look? Here’s a Fix!The new look is definitely the problem for alot of people while the new functionality is the problem for others. The point is, they think they have the right to tell us how we are to use an email program. In my case, I cannot stand looking at unread emails...
Lindsey on About the Amazon Purchase Limit Policy You Didn’t Know You Lived UnderApparently their Kindle Paperwhites are a part of this! When trying to buy them for the library I was hit with this policy. Not sure what we're going to do now.
Wayne Richard on How to Unsubscribe from Priceline MailingsWhat's goin' on? The link just takes me to the priceline homepage. It looks like you gotta be signed in to do the above, but I never had signed in at all and I still get the alerts. Is this some scam to populate an email list for resale?
MF on Hate Gmail’s New Look? Here’s a Fix!Hey guys I searched and couldn't find the answer. But now I have it! When you send a message, quickly look in the bottom left hand corner of the screen and briefly, "UNDO" appears there on a black banner. There we go!
MF on Hate Gmail’s New Look? Here’s a Fix!I really HATE the new gmail format. Also they have removed the option to cancel send. When I go into settings the drop down list of 10, 20, 30 sec is there, but the option to enable or disable has gone. Mine looks as though it is on 30 seconds,...

Do NOT Open Link in Unexpected Email with Google Docs Link Button!

You might also like some of our other articles:

Leave a Reply Cancel reply