Security Alert: Massive Google Docs Phishing Campaign

A very convincing and deceptive Google Docs phishing scheme hit the internet yesterday ensnaring thousands. The email is very short and looks like it came from someone you know saying that a document in Google Docs has been shared with you and inviting you to view it.

After the user clicks the link or button, it asks for access permission to your Gmail account. If you take the bait, the malware proceeds to SPAM all of your contacts spreading the infection. And, because you gave this app permission to access your email, attackers may also be able to access data, logins, etc. from your system.

So far, all of the SPAM emails come from @mailinator.com and sent to [email protected] with other recipients blind copied (i.e. BCC’d).

Keep in mind that real Google Docs links do not need or ask for access to your Gmail account.

If you get such an email, do not open it. In fact, delete it. However, if you did open the bogus email and clicked the link, here’s what to do:

  • In your Google account, go to Google’s “Connected Apps and Sites” page.
  • Look for “Google Docs”. You may see more than one since the bogus one will have the same name as the real one.
  • Click on them and remove the one that has permissions to “manage your contacts” and “read, send, delete and manage your email”.
  • Change your Google passwords, as well as to any other sensitive accounts immediately to ensure they have not been compromised.
  • Perform deep anti-virus and anti-malware scans and remove any threats they find.
  • Send follow-up emails to anyone that received bogus emails from your account and ask them to delete them. You can identify who received bogus notifications from you by looking in your send folder.

Reports indicate that Google has disabled the bogus accounts, etc. However, hackers are a resilient bunch, so be on your guard. Always be aware of the priveledges requested by any app or program and resist the urge to blindly click and approve.

 

XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions whose systems protect 250+ Petabytes of data with over 800 employees around the globe. Call (845) 362-9675 and let us introduce you to the ultimate defense against data loss—whatever the cause.