the winxnet blog

Google Doc Email Phishing Scam

Posted on 5/12/2017 10:54:35 AM by Dr. Eugene Slobodzian
Category: Security & Compliance



Last week, a dangerous email phishing attack made the rounds at multiple organizations that use Google for email as well as thousands of personal Gmail customers.

The scam starts with an email from a known contact, which states that the person has shared a Google Doc with you. You are then invited to click the link to open it, which redirects you to a legitimate Google sign-in page. You’re prompted to select one of your Google accounts and then authorize a ‘Google Docs app’ to manage your emails. The Google Docs app isn’t a Google app and is controlled by the hackers. Once it has permission to manage your email, it sends a bunch of emails containing the same phishing link to your contacts without your knowledge.

Once the hackers have control of your Gmail account, the possibilities are scary. Personal and business email accounts are commonly used as the recovery email on several accounts, which means that hackers could easily gain control of your Amazon, Apple, Facebook, Twitter, LinkedIn or other personal accounts.

To keep yourself secure, delete any email about a shared Google Doc unless you can confirm with the sender that it’s not a phishing email. If you already clicked the email, set up two-factor authentication, using a cell phone, on any critical account. If you clicked the Google Docs email with a work email, let your IT team or partner know immediately.

Also, it’s imperative that you remove the permissions for the fake ‘Google Docs App’ from your Google account. To do this, sign in, go to the security page, and view ‘Connected Apps.’ From there, delete any apps that you do not recognize.
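For an IT team, the same ‘Connected Apps’ review can be run across many accounts from exported grant records. The sketch below is an added example, not part of the original post: it assumes each record carries the `userKey`, `clientId`, `displayText` and `scopes` fields used by the Google Workspace Admin SDK token listing, and the client IDs, addresses and sample records are constructed.

```python
# Added example: flag app grants that borrow a Google product name or hold
# mail/contacts scopes without being on the organization's approved list.
SENSITIVE_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/gmail.modify",
    "https://www.googleapis.com/auth/gmail.send",
    "https://www.googleapis.com/auth/contacts",
}
# Assumption: client IDs the organization has reviewed (constructed value).
APPROVED_CLIENT_IDS = {"approved-client-1.apps.example"}
# Product names a look-alike app is likely to borrow in its display name.
BRAND_WORDS = ("google", "gmail", "docs", "drive")


def review_grant(grant):
    """Return the reasons a grant needs review (empty list if none)."""
    if grant["clientId"] in APPROVED_CLIENT_IDS:
        return []
    reasons = []
    risky = sorted(SENSITIVE_SCOPES.intersection(grant.get("scopes", [])))
    if risky:
        reasons.append("mail/contacts access: " + ", ".join(risky))
    name = grant.get("displayText", "").lower()
    if any(word in name for word in BRAND_WORDS):
        reasons.append("display name imitates a Google product")
    return reasons


def flag_grants(grants):
    """Map (userKey, displayText, clientId) to reasons for each flagged grant."""
    flagged = {}
    for g in grants:
        reasons = review_grant(g)
        if reasons:
            flagged[(g["userKey"], g["displayText"], g["clientId"])] = reasons
    return flagged


SAMPLE_GRANTS = [  # constructed records, not real data
    {"userKey": "alice@example.com", "clientId": "unreviewed-client-7.apps.example",
     "displayText": "Google Docs",
     "scopes": ["https://mail.google.com/", "https://www.googleapis.com/auth/contacts"]},
    {"userKey": "alice@example.com", "clientId": "approved-client-1.apps.example",
     "displayText": "Google Drive Sync", "scopes": ["https://www.googleapis.com/auth/drive"]},
    {"userKey": "bob@example.com", "clientId": "unreviewed-client-9.apps.example",
     "displayText": "Notes Helper", "scopes": ["https://www.googleapis.com/auth/drive.file"]},
]

if __name__ == "__main__":
    for key, why in flag_grants(SAMPLE_GRANTS).items():
        print(key, why)
```

A flagged grant is a prompt for review and revocation, not proof of compromise; the approved list has to be maintained by whoever vets third-party apps.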

If you have any questions or concerns about this, please reach out to our Security experts today.