Click to Skip Ad
Closing in...
  1. Best Alexa Devices
    08:06 Deals

    Amazon’s hottest smart home gadget is down to $19 today – and you can get a $4…

  2. Mattress Topper Amazon
    14:52 Deals

    35,000 Amazon shoppers gave this mattress topper 5 stars – get one for $34 today

  3. Amazon Echo Auto Price
    13:16 Deals

    Add hands-free Alexa to your car for $19.99 with this Amazon deal

  4. MacBook Pro 2021 Price
    16:34 Deals

    Amazon slashed $200 off Apple’s M1 MacBook Pro, or get a MacBook Air for $899

  5. Amazon Gift Card Promotion
    11:46 Deals

    How you can get $15 from Amazon right now for free




This sophisticated phishing scam has the entire internet terrified

May 3rd, 2017 at 3:33 PM
Google Docs phishing hack attack

A dangerous email phishing scam is doing the rounds today. Employees at multiple organizations that use Google for email, as well as thousands of personal Gmail customers, are all reporting the same scam.

It starts with an email from a known contact, which says that the person has shared a Google Doc with you. You’re invited to click the link to open, which redirects you to a legitimate Google sign-in page. You’re prompted to select one of your Google accounts (remember: this is all using Google’s normal sign-in system), and then authorize a legit-looking app called “Google Docs” to manage your emails.

That’s how the scam works: the app called “Google Docs,” which requests permission to read, send and delete emails, isn’t really a Google app. Rather, it’s an app controlled by the hackers. It seems that once it has permission to manage your email, it secretly sends out a bunch of emails to all your contacts, with the same phishing link.

Once the hackers have control of your Gmail account, the possibilities are scary. Personal and business email accounts are commonly used as the recovery email on a number of digital accounts, which means that hackers could potential get control over your Apple, Amazon, Facebook, Twitter or personal Google account. Anything linked to a compromised Gmail account is potentially at risk.

To protect yourself, the most obvious thing to do is to delete any email about a shared Google Doc, unless you can personally verify with the sender that it’s not a phishing email. If you already clicked on the link, you should set up two-factor authentication, using a cell phone number, on any critically important account.

You can also remove permissions for the fake “Google Docs” app from your Google account. Go to myaccount.google.com, Sign-In and Security, and Connected Apps. From there, look at the list of connected apps, and ensure that anything you don’t recognize is deleted.




Popular News