A malicious and smart scam is spreading like wildfire across the internet, infecting computers and compromising people’s safety. During the attack, users were sent a deceptive invitation to edit a Google Doc, with a subject line stating a contact “has shared a document on Google Docs with you”.
Google has made sure that the spam has been removed from the internet.
The email address hhhhhhhhhhhhhhhh@mailinator[.]com was also copied in to the message; Mailinator, a free email service provider, has denied any involvement.
If users clicked on the “Open in Docs” button in the email, they were then taken to a real Google-hosted page and asked to allow a seemingly real service, called “Google Docs”, to access their email account data.
By granting permission, users unwittingly gave hackers potential access to their email account, contacts and online documents.
The malware then e-mailed everyone in the victim’s contacts list in order to spread itself.
According to PC World magazine, the scam was more sophisticated than typical phishing attacks, in which scammers trick people into handing over their personal information by posing as a reputable company.
This is because the hackers bypassed the need to steal people’s login credentials and instead built a third-party app that used Google processes to gain account access.
Google says it has stopped a phishing email that reached about a million of its users. The scam claimed to come from Google Docs.
Google said the spam campaign affected “fewer than 0.1%” of Gmail users. That works out to about one million people affected.
If there’s any chance that you might have opened any Google Docs links recently then you should assume that you might be affected. Follow the relatively simple steps below.
Firstly, don’t panic. The potential effects of the scam are huge but it’s also relatively easy to undo much of the damage.
If there’s any chance that you think you might have been hacked, then follow the steps below. There’s no harm in doing so even if you haven’t in fact become part of the attack.
Now head to Google’s My Account page and open the app permissions options. You’ll be looking to remove the very bad but legitimate-looking “Google Docs” app from having any permissions – if it’s there, and has a relatively recent authorised date, then you know that something’s up.
Once it’s kicked out of your account, the control the scam has over your account will be cut off – it will no longer be able to read your email or send out the invites. But its after-effects may continue, so you should do what you can to prevent those, too.
First, inform whoever is in charge of your network. In most workplaces and universities hit by the attack – which is targeting corporate email accounts using Google software as well as Gmail ones – there will be someone in IT or the network team who can help and ensure that the institution’s computers are kept safe.
Second, get in touch with anyone you think the link might have been sent to from your account without your knowledge and share this article with them, to ensure that they too can stay safe. Don’t spam your contacts, of course – but make sure that they are safe.
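For anyone in IT who has to run the app-permissions check described above across many accounts, the same test can be scripted. The following is an added example, not code from Google or from this article: it assumes a hypothetical export of third-party app grants (the field names, client IDs and dates are constructed) and flags any app that uses a Google product name, noting whether it can reach mail, contacts or documents and whether it was authorised recently.

```python
import unicodedata
from datetime import datetime, timedelta

# Scopes covering what the article says was exposed: mail, contacts, documents.
SENSITIVE_SCOPES = {
    "https://mail.google.com/",
    "https://www.googleapis.com/auth/contacts",
    "https://www.googleapis.com/auth/drive",
}

def normalise(name):
    """Fold Unicode compatibility forms, case and whitespace before comparing."""
    return " ".join(unicodedata.normalize("NFKC", name).casefold().split())

def review_grants(grants, now, recent_days=7):
    """Return {client_id: [reasons]} for third-party apps named like Google's own."""
    findings = {}
    for grant in grants:
        if not normalise(grant["name"]).startswith("google"):
            continue  # an honestly named third-party app is out of scope here
        reasons = ["third-party app using a Google product name"]
        risky = SENSITIVE_SCOPES.intersection(grant["scopes"])
        if risky:
            reasons.append("can access: " + ", ".join(sorted(risky)))
        if now - grant["authorised"] <= timedelta(days=recent_days):
            reasons.append("authorised recently")
        findings[grant["client_id"]] = reasons
    return findings

# Constructed sample export (hypothetical field names, placeholder client IDs).
NOW = datetime(2024, 1, 10)
SAMPLE_GRANTS = [
    {"name": "Google  Docs", "client_id": "placeholder-client-1",
     "scopes": ["https://mail.google.com/",
                "https://www.googleapis.com/auth/contacts"],
     "authorised": datetime(2024, 1, 9)},
    {"name": "Example Mail Client", "client_id": "placeholder-client-2",
     "scopes": ["https://mail.google.com/"],
     "authorised": datetime(2024, 1, 8)},
]

if __name__ == "__main__":
    for client_id, reasons in review_grants(SAMPLE_GRANTS, NOW).items():
        print(client_id, "->", "; ".join(reasons))
```

A flagged entry is a prompt to revoke the app's access and then follow the two steps above; the honestly named mail client in the sample is left alone even though it holds a mail scope.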