In an extremely sophisticated phishing scam, you might see emails in your mailbox from friends. They invite you to view some Google Docs. Whatever you do – don’t open it!
While they might appear to be legit invitations, they aren’t. The emails ask that you give access to Google Docs. If it was the real Google Docs, you would not need to give third-party access and permission would not be required this way. Once the fake app gets access to your Gmail account it spams all of your contacts. The phishing scam gains the ability to read, send, delete and manage all of your emails. Worse than that—it manages all of your contacts, enabling it to spam anyone you have ever emailed.
There is a giveaway – if you look at the cc address it says something like: hhhhhhhhhhhhhhhhhhh@mailinator.com
If you get an email like that – don’t open it, don’t click the link. For safety, if you want to see which apps you’ve granted email access to look at your Google Permissions page.
“We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts,” a Google spokesperson says in a statement emailed to NPR.
“We’ve removed the fake pages, pushed updates through Safe Browsing,” the statement continues, “and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”
Finally, if by some chance you already opened link, Vice’s Motherboard explains what to do next:
“If you have clicked on the link, go to your Google account’s page (https://myaccount.google.com/permissions) where you can manage the permissions you’ve granted to apps (or go through the whole Google Security Checkup). Then locate the ‘Google Doc’ app. This looks totally legitimate, but it’s actually not. If that’s the malicious app that’s gotten access to your account after you clicked on the link it should have a recent ‘Authorization Time.’ Now, click on that Google Docs app and click ‘Remove.’ ”
