A new phishing scam mimics Google Docs to trick victims into giving up complete control of their Google email and contacts.
On Wednesday, May 3, reports began surfacing of a phishing email claiming that one of the recipient’s contacts has shared a Google Doc. The email looks like a legitimate Google Docs sharing email. Once the victim clicks the link in the email, they are taken to the Google account selection screen and asked to give Google Docs permission to access and manage the user’s email and contacts. However, this particular Google Docs app is not in any way affiliated with Google, and the victim ends up giving full control of email and contacts to the scammers.
The scam does not end there. Once the user has granted permissions to the fake Google Docs app, it uses the victim’s email account to forward the phishing email to their contacts.
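As an added example (not from the original article or from Google), the sketch below audits OAuth grant records for the pattern described above: an app that borrows a Google product name without being a trusted client, and that holds mail or contacts access. The record fields, the trusted client ID and the sample data are assumptions constructed for illustration.

```python
import unicodedata
from collections import defaultdict

# Google OAuth scopes for full mailbox and contacts access.
MAIL = "https://mail.google.com/"
CONTACTS = "https://www.googleapis.com/auth/contacts"
SENSITIVE_SCOPES = {MAIL, CONTACTS}
# Assumption: product names worth protecting; extend for your environment.
PROTECTED_NAMES = {"google docs", "google drive", "gmail"}
# Assumption: client IDs you have verified as genuine (placeholder value).
TRUSTED_CLIENT_IDS = {"verified-client.example"}

def normalize(name):
    # NFKC folds compatibility look-alikes (e.g. fullwidth letters); it does
    # not catch cross-script homoglyphs such as Cyrillic letters.
    folded = unicodedata.normalize("NFKC", name).casefold()
    return " ".join(folded.split())

def audit_grants(grants):
    """One finding per untrusted client whose name imitates a protected product."""
    by_client = defaultdict(lambda: {"scopes": set(), "users": set()})
    for g in grants:
        if g["client_id"] in TRUSTED_CLIENT_IDS:
            continue
        if normalize(g["app_name"]) not in PROTECTED_NAMES:
            continue
        entry = by_client[g["client_id"]]
        entry["scopes"].update(SENSITIVE_SCOPES & set(g["scopes"]))
        entry["users"].add(g["user"])
    return [{"client_id": cid,
             "severity": "high" if e["scopes"] else "medium",
             "scopes": sorted(e["scopes"]),
             "users": sorted(e["users"])}  # accounts whose grant needs revoking
            for cid, e in sorted(by_client.items())]

# Constructed sample records; field names are hypothetical.
SAMPLE_GRANTS = [
    {"user": "alice@example.com", "client_id": "verified-client.example",
     "app_name": "Google Docs", "scopes": ["https://www.googleapis.com/auth/drive"]},
    {"user": "bob@example.com", "client_id": "unverified-123.example",
     "app_name": "Google  Docs", "scopes": [MAIL, CONTACTS]},
    {"user": "carol@example.com", "client_id": "unverified-123.example",
     "app_name": "\uff27oogle Docs", "scopes": [MAIL, CONTACTS]},  # fullwidth G
    {"user": "dave@example.com", "client_id": "mail-client-9.example",
     "app_name": "Some Mail App", "scopes": [MAIL]},
]

if __name__ == "__main__":
    for finding in audit_grants(SAMPLE_GRANTS):
        print(finding)
```

Grouping by client ID gives the list of accounts that granted access to the same untrusted app, which is the set to revoke when the app spreads through contacts.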
According to Google, this email has reached approximately 0.1% of its Gmail users, which would correspond to around 1 million accounts. Google was quick to respond to the reports of this scam, within hours disabling the offending accounts, removing the fake pages, and updating its Safe Browsing blacklist used by Chrome and Firefox. These measures should effectively neutralize the malicious emails in users’ inboxes. However, possible variations and future versions may represent a continued threat.
As with other phishing scams, the best strategy is to be suspicious of anything you are not expecting to receive. For more information on recognizing and preventing phishing attacks, read our phishing overview and Facebook example.