Bogus Google Docs referenced in fast-moving phishing scam

A fast-moving phishing scam is hitting public and private email accounts worldwide Wednesday afternoon, largely impacting journalists, school districts and government agencies.

<blockquote class=”twitter-tweet” data-lang=”en”><p lang=”en” xml:lang=”en” dir=”ltr”>We are investigating a phishing email that appears as Google Docs. We encourage you to not click through, &amp; report as phishing within Gmail.

— Gmail (@gmail) <a href=”https://twitter.com/gmail/status/859863893484593152″>May 3, 2017</a></blockquote>

The fraudulent emails seemingly come from existing contacts and invite users to open fake Google Docs. CNet.com called the threat <a href=”https://www.cnet.com/news/dont-get-reeled-in-by-massive-google-docs-phishing-scam/” target=”_blank”>”extremely sophisticated.”</a>

According to a <a href=”https://www.theatlantic.com/technology/archive/2017/05/did-someone-just-share-a-random-google-doc-with-you/525279/”>report from “The Atlan</a><a href=”https://www.theatlantic.com/technology/archive/2017/05/did-someone-just-share-a-random-google-doc-with-you/525279/”>tic,”</a> the attack is particularly sneaky because it “looks legit.” However, once a person clicks on the “Open in Docs” button to open the bogus Google Doc, the message automatically replicates itself, potentially spamming everyone else in the affected user’s contact list. While phishing scams usually involve efforts to gain access to private information, the attack today appears to have no clear purpose—making the threat particularly difficult to address.

Within the last hour, Twitter is abuzz with Tweets warning email users both in the public and private sectors not to open emails with Google Doc invitations. <a href=”https://twitter.com/zeynep/status/859840026082988038/photo/1″>Buzzfeed News</a> reports the attack as “massive,” and advises people to delete suspicious emails immediately. A <a href=”https://www.reddit.com/r/google/comments/692cr4/new_google_docs_phishing_scam_almost_undetectable/”>commenter on Reddit</a> describes the threat as “almost undetectable.”

Email clients are being advised to block messages containing the <a href=”mailto:hhhhhhhhhhhhhhhh@mailinator.com”>hhhhhhhhhhhhhhhh@mailinator.com</a> address from inbound and outbound mail right away.

<blockquote class=”twitter-tweet” data-lang=”en”><p lang=”en” xml:lang=”en” dir=”ltr”>PSA: There’s a massive phishing scam spreading across emails and Google Docs right now. Don’t click on any suspicious links! <a href=”https://t.co/tJtHwfMn0T”>pic.twitter.com/tJtHwfMn0T</a>

— CNET News (@CNETNews) <a href=”https://twitter.com/CNETNews/status/859852328274362371″>May 3, 2017</a></blockquote><blockquote class=”twitter-tweet” data-lang=”en”><p lang=”en” xml:lang=”en” dir=”ltr”> 

</blockquote><blockquote class=”twitter-tweet” data-lang=”en”><p lang=”en” xml:lang=”en” dir=”ltr”>If you opened the Google Docs phishing email, here’s how to fix:<a href=”https://t.co/cucndZ39ad”>https://t.co/cucndZ39ad</a><br /><br />If you see Google Docs, delete it <a href=”https://t.co/UH9bDgbqhK”>pic.twitter.com/UH9bDgbqhK</a>

— Tom Warren (@tomwarren) <a href=”https://twitter.com/tomwarren/status/859856662835941376″>May 3, 2017</a></blockquote><blockquote class=”twitter-tweet” data-lang=”en”><p lang=”en” xml:lang=”en” dir=”ltr”> 

</blockquote>

Free News Delivery by Email

Would you like to have the day's news stories delivered right to your inbox every evening? Enter your email below to start!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.