Did you click on an unsolicited Google Docs email invite today? It might have been a scam.
According to Vice's Motherboard, online miscreants on Wednesday launched a "massive phishing campaign targeting Google accounts." The "highly sophisticated" campaign appears to have hit a number of journalists, along with individuals from other industries, the report notes.
The fraudulent emails include what appears to be a Google Doc link from someone the recipient knows. "These, however, are malicious emails designed to steal your Google password or hijack your account," Motherboard advises.
Reddit user JakeSteam, who received the phishing email, said clicking the purported Google Docs button in the message takes you to an actual Google page, which asks you to grant access to an app masquerading as Google Docs. Granting permission would give the attacker full access to your email messages and contacts. The email then replicates itself and spreads to "everyone you have ever emailed," according to JakeSteam.
Affected individuals who clicked "allow" should revoke access to the fake Google Docs app right away, JakeSteam recommends.
The attack can bypass two-factor authentication, so having that additional layer of security enabled won't help you. Note that it's still a good idea to have two-factor authentication enabled, as it makes your account much harder to crack.
In a statement, Google said it had shut down the attack, which affected "fewer than 0.1 percent" of Gmail users.
Related
- Google Drive Tips You Can't Afford to MissGoogle Drive Tips You Can't Afford to Miss
"We protected users from this attack through a combination of automatic and manual actions, including removing the fake pages and applications, and pushing updates through Safe Browsing, Gmail, and other anti-abuse systems," Google said. "We were able to stop the campaign within approximately one hour. While contact information was accessed and used by the campaign, our investigations show that no other data was exposed. There's no further action users need to take regarding this event.
Those who would like to review the third-party apps connected to their account can visit Google Security Checkup.
This phishing campaign comes after attackers in January targeted Gmail users with a sophisticated ploy designed to steal usernames and passwords.
A small-business owner took her original plan to Shark Tank before scrapping it and buying a franchise.
A Google Docs phishing attack is trying to hijack email accounts on a grand scale.
These scams aim to trick taxpayers into handing over sensitive data such as passwords, Social Security numbers, and bank account or credit card numbers.
Relax Don't Fall for This Google Docs Phishing Scam stories
Now, instead of having to rely solely on your spidey senses, Gmail tell you when something's awry.
The practice of intercepting messages between Americans and foreigners that mention a terrorism suspect will end.
These new revelations follow the arrest of a Lithuanian man named Evaldas Rimasauskas, who is charged with orchestrating the scam.
In the US, most requests come from search warrants and other court orders, although some are made using secret "national security letters."
The software development kit could greatly expand the already-growing collection of devices that support the Google Assistant.
Easily share all the reservations for your trip with the tap of a button, manually update your itinerary, and use the app to keep your train and bus reservations organized.
Palantir will have to pay back wages and the value of stock options to several Asian candidates it passed over for employment, in addition to re-extending job offers.
And in case you'd rather daydream about seeing the hit musical Hamilton instead of cooking dinner, Google can help you out with that, too.
The Google co-founder is building an airship in a hangar near the company's headquarters, Bloomberg reported.
Just tap the blue dot in your iOS or Android Google Maps app and set your parking location.
The hacking group, known variously as Fancy Bear or Pawn Storm, uses sophisticated phishing attempts and targets victims seen as at odds with Russian interests, Trend Micro reports.
Google said it's improving the methods it uses to evaluate sites, and is rolling out algorithmic updates to 'surface more authoritative content' and demote fake news.
A breach discovered over the weekend may have exposed the messages and content in a small number of HipChat rooms, the company said.
Phoenix-area residents can apply now to be among the first in the world to ride in and give feedback about Waymo's self-driving vehicles.
CNN pundit, Obama administration Green Jobs advisor, and Dream Corps founder Van Jones stopped by PCMag's offices to talk about his efforts to make Silicon Valley more diverse.
A lawsuit filed yesterday in the Southern District of New York claims that the Windows version of Confide doesn't offer screenshot protection.
By using non-Latin Unicode characters, it's theoretically possible to register a domain name for a phishing website that looks nearly identical to the one it's trying to spoof.
Secure communication should really be at the top of mind for any entrepreneur. And the best line of defense probably isn't what you think.
37 restaurants confirmed as having malware installed on point of sale equipment and card details stolen between December and March.
The Switch is selling well, now Nintendo wants to ensure the games do too by thwarting piracy before it happens.
Tax-themed spam emails increased 6,000 percent from December 2016 to February 2017. Here are some common scams to look out for.
'Blackout' lets you peek into the inner lives of fellow subway riders using VR.
Any attempt to trademark a game name with "Prey" in the title will trigger a response from ZeniMax's lawyers.
This commercial truck is powered by two 230HP electric motors that can haul up to 5,000 lbs and go 80 miles without using any fuel.
Riding the electric Redshift MX motorcross bike.
'By doing that, we can be the ripple in the pond,' Apple CEO Tim Cook said.
Redevelopment hell.
That's a lot more than originally expected.
At last, the KEYone is an Android-powered BlackBerry that actually feels like a BlackBerry
Hard work can pay off -- if you know how to seize the right moments.
In the wake of Apple ditching its graphics know-how, Imagination Technologies will sell off chunks of its business to survive.