Do NOT Open Link in Unexpected Email with Google Docs Link Button!

   5/3/2017 |  5/3/2017 |  Leave a comment
brett shager google docs spam hhhhhhhhhhhhhhhh mailinator.com
Follow Anne
Latest posts by Author: Anne P. Mitchell (see all)

There is an evil new phishing spam going around that is using Google Docs to do its dirty work. The subject is along the lines of “(Someone) has shared a document on Google Docs with you” – in many of the samples it is ‘Brett Schager has shared a document on Google Docs with you.” Many of the samples are also sent “to” hhhhhhhhhhhhhhhh@mailinator.com (you receive it because you are in the bcc: field).

 

The most important thing we can tell you is DO NOT CLICK ON THAT BUTTON that says ‘Open in Docs’!


google docs spam hhhhhhhhhhhhhhhh mailinator.com

The thing is, in this case even hovering over the link to see the actual URL won’t save you, because the link really does go to Google Docs. And that’s the diabolical genius of this particular spam. It’s a real Google Docs link. It just happens to go to a malware payload.

link in google docs spam

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

The way that the bad guys did this, explains The Verge, is “this grants permissions to a (malicious) third-party web app that’s simply been named “Google Docs,” which gives phishers access to your email and address book.”

In a statement issued on Twitter, the Google Doc team said:

“We have taken action to protect users against an email impersonating Google Docs and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”

 

This was several hours after the email hit people’s inboxes (and just 1 hour and 45 minutes before the writing of this article), so the odds are good that quite a few people were taken in by the phish.

So, if you did in fact click on that button, or otherwise think you may have been infected, Google says that you can go here in your Google account to secure your account.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

More from the Internet Patrol:

Yes, Virginia, there is a Spammer Clause
Multi-factor Authentication and Why You Need It
Using Public Wifi and Your Mail App Can't Connect to Gmail? This May be Why
How to Have Gmail Automatically Delete Foreign Language Spam So You Don't Have To
King of Spam Scott Richter Steps Down from Throne and Pays Microsoft $7million
Google Facilitating Link Farms with Own Adsense Ads
How to Unsubscribe from Google Birthdays Calendar
Google Barges Cause Sensation - What Do They Want with a Google Barge?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.