Phishing Attack on Google Docs
Posted on May 16, 2017 by ORC Editor
A sophisticated phishing or malware attack aimed at Google Docs users is now widespread: users receive emails inviting them to edit a Google Doc, with a subject line stating that a contact “has shared a document on Google Docs with you”. If you click the “Open in Docs” button, you are taken to a legitimate Google sign-in screen inviting you to “continue in Google Docs”. But if you click it, you grant a bogus third-party app with a deceptive name permission to access your contacts and email. As a result, you may find spam spreading to additional contacts.
Google has confirmed that it is aware of the problem and is investigating it. Google Docs users were asked to report the email as phishing within Gmail. The company informed them that it has disabled the offending accounts, removed the fake pages, and pushed updates through Safe Browsing. However, it is still unclear how many people have been affected and where the attack may have originated.
Phishing scams usually involve emails, advertisements or websites that appear to be real and ask for personal data, like usernames, passwords, SSNs, bank account details or dates of birth. Google informed its users that it never sent out emails asking for this type of information and warned them not to click on any links and to report suspicious messages.
However, this attack seems to be more advanced than a typical email phishing scam, as it doesn’t simply take users to a bogus Google page to collect passwords. This time, the phishing mechanism works within Google’s own system, through a third-party web app that asks the user for permission. People who have already granted such permission can go to their settings and revoke the app’s access.
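For anyone reviewing which apps hold access to an account, the check below flags grants that pair a first-party-sounding app name with mail or contacts scopes. It is an added example, not code from Google or from this post; the record layout, the protected-name list and the client IDs are assumptions constructed for illustration.

```python
import unicodedata

# Scopes covering what the article says the app obtained: email and contacts.
SENSITIVE_SCOPES = {
    "https://mail.google.com/": "full mailbox access",
    "https://www.googleapis.com/auth/gmail.readonly": "read mail",
    "https://www.googleapis.com/auth/contacts": "manage contacts",
    "https://www.googleapis.com/auth/contacts.readonly": "read contacts",
}
# Assumed list of first-party product names a third-party app should not reuse.
PROTECTED_NAMES = {"google docs", "google drive", "gmail"}
# Constructed placeholder IDs for apps the organisation has already vetted.
VETTED_CLIENT_IDS = {"vetted-editor.example"}

def normalize(name):
    """Fold case, Unicode compatibility forms and spacing before comparing names."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return " ".join(folded.split())

def audit_grant(grant):
    """Return reasons to revoke a grant; an empty list means no finding."""
    if grant["client_id"] in VETTED_CLIENT_IDS:
        return []
    if normalize(grant["app_name"]) not in PROTECTED_NAMES:
        return []
    access = [SENSITIVE_SCOPES[s] for s in grant["scopes"] if s in SENSITIVE_SCOPES]
    if not access:
        return []
    return ["app name imitates a first-party product"] + access

def grants_to_revoke(grants):
    """Map client_id -> reasons for every grant that audit_grant flags."""
    findings = {g["client_id"]: audit_grant(g) for g in grants}
    return {cid: reasons for cid, reasons in findings.items() if reasons}

# Constructed sample grants (hypothetical record layout, not incident data).
SAMPLE_GRANTS = [
    {"app_name": "Google  Docs", "client_id": "unknown-app-1.example",
     "scopes": ["https://mail.google.com/", "https://www.googleapis.com/auth/contacts"]},
    {"app_name": "Team Editor", "client_id": "vetted-editor.example",
     "scopes": ["https://www.googleapis.com/auth/contacts.readonly"]},
    {"app_name": "Calendar Helper", "client_id": "unknown-app-2.example",
     "scopes": ["https://www.googleapis.com/auth/contacts.readonly"]},
]

if __name__ == "__main__":
    for client_id, reasons in grants_to_revoke(SAMPLE_GRANTS).items():
        print(client_id, "->", "; ".join(reasons))
```

Name normalisation matters because the sign-in screen is genuine and the displayed app name is the only cue the user sees; a match on an unvetted client is a prompt to revoke, not proof of compromise.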