May 5, 2017

Scam Alert! Don’t Click that Google Docs Link You Just Received in Your Email. It Could Be A Malware

Have you received any random email recently containing ‘Google Doc’ attachment within it? Don’t click on that link – it could get you HACKED. And delete it immediately — even if it is from someone you know.

An alarming phishing scam began spreading around the internet since Wednesday in an attempt to access Google accounts through an email embedded with a fake Google Docs file.

Originally thought to be targeting only journalists, these malware emails were also slinging their way across unrelated mailboxes – from organizations to schools/campuses and even random people.

The malicious email contains what appears to be a link to a Google Doc file, saying that the person [sender] “has shared a document on Google Docs with you.” Once you click the link, you will be redirected to a legit Google.com page asking you to authorize “Google Docs” to access to your Gmail account. It says, “Google Docs would like to read, send and delete emails, as well access to your contacts.”

Scam Alert! Don't Click that Google Docs Link You Just Received in Your Email. It Could Be A Malware (1)

You should know that the real Google Docs invitation links do not require your permission to access your Gmail account.

If you allow the access, the hackers would immediately get permission to manage your Gmail account with access to all your emails and contacts, without requiring your Gmail password. It also gains control over the webmail account, including the ability to read victims’ messages and send new ones on their behalf.

Once the permissions to manage your email are granted, the software will immediately spam out the same message to all the people on your contacts list, even bypassing two-factor authentication.

Meanwhile, Google has also started blacklisting malicious apps being used in the active phishing campaign.

“We have taken action to protect users against an email impersonating Google Docs (and) have disabled offending accounts,” Google wrote in a statement on Twitter. “We’ve removed the fake pages; pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”

How to not fall to the Prey to the Attack?

Do not click on links in emails from someone you might not know, especially if the subject line just says “documents.”

If you do show up at the login screen, then see if it recognizes you as a Google user. If it does not, then that is a clear sign it is part of a phishing scam.

What to do if you fell for the scam:

If you are worried about being scammed, here is what to do.

  • Go to your Gmail accounts permissions settings at myaccount.google.com and Sign-in.
  • Go to Security and Connected Apps.
  • Go to the “Account Permissions” section
  • Search for “Google Docs” and hit “Remove”. It’s not the real Google Docs.

About the author 

Chaitanya

今現在、日本にカジノは存在しません。 そこで一定の支持を得ているのがオンラインカジノです。 場所や時間を選ばずいつでもプレイできることで、幅広いプレイヤーから利用されています。 そんなオンカジは、今も現在進行形で日々より良く、新しい娯楽へと進化しています。 新しくなり続けるオンラインカジノでは何が出来るの?世の中の流行りに応じて変化するオンカジ業界違法性や不正行為に対する対策も万全 新しくなり続けるオンラインカジノでは何が出来るの? オンラインカジノは、その名の通りオンラインでカジノをプレイできる現代的なサービスです。 提供されているゲームには、スロットやテーブルゲームといった定番のものはもちろん、臨場感や緊張感を味わえるライブカジノゲームも含まれ、家や外出先でもリアルを体験できます。 そういったゲームも、常に新作がリリースされ、長期的に遊び続けても飽きるなんてことはありません。 既存のサイトがパワーアップしていくこともそうですが、オンカジの新しいブランドが出現することで業界は更なる盛り上がりを見せています。 世の中の流行りに応じて変化するオンカジ業界 日本の市場に進出しているオンラインカジノサイトの選択肢は豊富で、プレイヤーの好みに応じて様々なブランドが利用できます。


{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}