An email phishing scam luring people to click on a malicious link has resurfaced.
Businesses, schools, individuals and others have been hit with a phishing email that asks users to click on a Google Doc. Do Not Click the Link!
Once someone clicks on the link, which in some cases appears in a blue box with the words “Open in Docs,” it will attempt to hijack the user’s account and can send the link to the user’s email contacts, too, perpetuating the problem.
One of the giveaways is the subject line is garbled and the email may come from an unexpected source or contact.
Google Docs said in a tweet Wednesday afternoon that it’s investigating the phishing messages, and it encouraged users to not click it and report it to Gmail. In a statement, Google said it’s taken action to protect users against the attacks and disabled offending accounts.
“We’ve removed the fake pages, pushed updates through Safe Browsing,” Google tweeted. Google said it has a team working to prevent similar account “spoofing” from happening again.
Google said users who clicked the email can check their accounts for a breach though myaccount.google.com.
The countermeasures Google described are likely to stop the spread of the attack, but as one security expert noted, the attacker has already had time to harvest million of email addresses via victims’ Gmail contact lists.
But there is a very good way to protect yourself. If you haven’t already, make sure you have two-factor authentication set up on your Google accounts. Doing that will help ensure that, even if hackers do trick you out of your password, they will likely be unable to use it.
If you are an Applied Tech customer and you or a member of your team believe they have clicked the Google docs link, please reach out to Applied Tech right away.
Toll-Free Help Desk: 855.729.1301