Massive Phishing Scam Involving Fake Google Docs

[Chou Anou]

Just a heads up, there appears to be a huge phishing scam underway, not sure if it's just going on in the US (it's all over my Twitter, and I follow plenty of people outside the US) or worldwide, but a lot of people are seeing it today.

 

Basically, if you receive an e-mail from someone you know containing what looks like a link to a Google Doc that they want to share with you, and you weren't expecting one from them, do not click on it.  This should be general procedure anyway (which is why I didn't click on the one I got, before seeing it blow up on Twitter), but like I said, this attack today seems very widespread, so I thought I'd alert people.

[RichCor]

Luckily, Google seems to have already shut this one down.  But the advice still stands. DON'T open email attachments or 'shared' files if you are not expecting them, even if you think you recognize the sender.

 

Google warns of phishing scam that impersonates Google Docs

ctvnews canada  |  The Associated Press  |  Last Updated Thursday, May 4, 2017 8:37AM EDT

 

SAN FRANCISCO -- Google said it shut down an email spam campaign that impersonated its online file service, Google Docs.

According to online reports -- in particular, a detailed user thread on Reddit -- clicking on an emailed share link, purportedly from a known source, was taking users to a site that asked permission for a fake app calling itself "Google Docs" to access their accounts. If they agreed, the app would then send additional copies of the original email to the users' contacts.

 

 

The ploy seems to have been to get the recipient to accept the 'share' and gain access to their contacts list to continue to spread to people known to the recipient.