It’s never a good idea to click on random links sent by people you don’t know or can’t trust. On Wednesday, May 3, extreme caution was advised as a huge phishing campaign targeting Google accounts hit the Internet. The intent of the malicious documents was to hijack Google accounts, something no one wants.
The phishing emails were received by many people from all sorts of industries, all over the globe. The emails contained a link to a Google Doc, but each one appeared to come from a connection rather than a stranger. Many people would not think twice about trusting someone they know, which makes this attack very concerning.
If you received an email containing a Google Doc link, we recommend that you get in touch with the sender before you click it. If you think you may have clicked on the link, visit your personal Google account page. From there, you can complete a Google Security Check-up or manage the apps you’ve granted permissions to. Look for the Google Doc app with a quite recent authorisation time. This Google Doc app is the malicious one that gained access through the phishing attack. You can remove it easily by clicking it and selecting Remove.
Don’t Just Click!
Don’t forget that this phishing attack appears to come from people you already know or from your email contacts. If you have received one of these emails and haven’t clicked, you should still inform your IT department and your colleagues.
Once clicked, the phishing link takes you to a genuine Google domain and asks you to grant access to the ‘Google Docs’ app. The app is fake, and it reads your emails and your contact list. From there it is able to spread further by sending out more emails to all of your contacts.
Google have said they have taken the steps necessary to stop the emails from being sent and reports suggest that the phishing link is now broken. But it is worth checking your own Google account to be on the safe side. Google’s abuse team is now working to prevent this type of spoofing in the future.
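For IT teams reviewing app permissions across many accounts, the manual check described above can be expressed as a small script. This is an added example, not code from Google or from the original article: the record fields, the permission labels, the client ids and the allowlist are all assumptions, and the sample records are constructed.

```python
import unicodedata
from datetime import datetime, timedelta, timezone

IMPERSONATED_NAMES = {"google docs", "google doc"}  # display names treated as look-alikes
SENSITIVE = {"mail", "contacts"}                    # assumed labels for mailbox/contact access

def normalise(name):
    """Fold case, character width and spacing so near-identical names compare equal."""
    return " ".join(unicodedata.normalize("NFKC", name).casefold().split())

def flag_suspicious_grants(grants, approved_ids, now, recent_days=7):
    """Return {client_id: [reasons]} for grants matching the pattern in the article."""
    findings = {}
    for g in grants:
        if g["client_id"] in approved_ids:
            continue  # already vetted by the organisation (hypothetical allowlist)
        if normalise(g["app_name"]) not in IMPERSONATED_NAMES:
            continue
        reasons = ["unapproved app using a Google product name"]
        if SENSITIVE <= set(g["permissions"]):
            reasons.append("can read mail and contacts")
        if now - datetime.fromisoformat(g["granted_at"]) <= timedelta(days=recent_days):
            reasons.append("authorised recently")
        findings[g["client_id"]] = reasons
    return findings

# Constructed sample records; field names, ids and dates are illustrative only.
SAMPLE_GRANTS = [
    {"client_id": "constructed-client-0001", "app_name": "Google  Docs",
     "permissions": ["mail", "contacts"], "granted_at": "2017-05-03T18:30:00+00:00"},
    {"client_id": "constructed-client-0002", "app_name": "Team Calendar Sync",
     "permissions": ["calendar"], "granted_at": "2016-11-20T09:00:00+00:00"},
    {"client_id": "constructed-client-0003", "app_name": "Sales CRM",
     "permissions": ["mail", "contacts"], "granted_at": "2017-05-02T08:00:00+00:00"},
]
APPROVED = {"constructed-client-0003"}
NOW = datetime(2017, 5, 4, tzinfo=timezone.utc)

if __name__ == "__main__":
    for cid, why in flag_suspicious_grants(SAMPLE_GRANTS, APPROVED, NOW).items():
        print(cid, "->", "; ".join(why))
```

Any grant the script reports should be removed from the affected account and the account owner told to warn their contacts.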