blog

Warning about Google Docs Malware Attack

2017-05-04

Yesterday it was reported that a Google malware attack was hitting inboxes. This very sophisticated phishing scam involves emails which suggest some one has shared a Google Document with you. You are then invited to edit the document.

The genuine looking phising email is sent to your inbox. It will have a subject title which suggests a Google document has been shared with you.  If you click on the link “Open in Docs” it will take you to a Google sign in screen which looks very genuine. However by clicking on the “continue in Google Docs” link you are unwittingly giving permission to the cyber criminals to potentially access your emails and contacts, via a third party app.

The phishing email looks fairly genuine and often from a convincing sender address. However, the scam give away is often in the ‘to’ address, such as in the example below shared by Gizmodo. You’ll notice that the ‘to’ address is ‘hhhhhhhhhhhhhhhhhh’

Google docs scam

Image from Gizmodo/Pexels

Google encourages users not to click on any links or open emails which are suspicious. If you receive an email such as the above we recommend you delete it immediately.

If you think you have been a victim of such a phishing email and you have clicked on the link granting permission, don’t panic. Go to your Google settings and remove permission for the app to be connected to your account.

Google permissions image

If you are worried you have fallen victim to a malware attack or similar phishing scam contact us immediately. We can also offer advice and assistance on device & data security to help protect your business.

Further info:

https://www.theguardian.com/technology/2017/may/03/google-docs-phishing-attack-malware

http://gizmodo.com/a-huge-and-dangerously-convincing-google-docs-phishin-1794888973