Countless Gmail users were greeted with a familiar-looking message on Wednesday.
An unsuspecting user receives an email that looks like an invitation from someone in their contact list. Once opened, the email prompts them to accept an invitation to “share” a Google Doc. What seems legitimate turns out to be an elaborate phishing campaign.
The email doesn’t look exactly right, but if you’ve accepted such an invitation before, it’s hard to tell the difference. Once the user hits “accept,” they are taken to a Google account prompt and asked to grant access. What is handed over is not a password: the user authorizes a third-party app that calls itself “Google Docs” to read their Gmail and contacts, and that app immediately sends the same email to everyone in their address book, causing it to spread like wildfire.
Here’s what you need to know:
1. The Phishing Scam Hijacks Your Gmail & Your Entire Google Address Book
The “hack” sends a targeted email to someone you may know and takes them to a Google sign-in page that looks legit. The sign-in page is in fact Google’s own; what is not legitimate is the application waiting on the other side of it.
After signing in, the user is asked to allow “Google Docs” to continue, with permission to read, send and delete their email and to manage their contacts. That “Google Docs” is a third-party web application the scammers registered under the same name as Google’s real product, and Google’s permission screen showed the name without making the difference obvious.
Once the prompt is accepted, the application holds an access token for the account’s Gmail and contacts. No password changes hands, but the token is enough to read the address book and send mail as the victim, and almost as soon as you hit accept, the application mails the same invitation to the people in your address book.
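The point above is that the hostname and the padlock were genuine; the danger was in the rest of the authorization request. The following Python helper, added here as an example and not code from the article or from Google, pulls the consent parameters out of an OAuth authorization URL and scores the combination the worm relied on: a third-party redirect_uri plus Gmail and Contacts scopes. The sample URL, its client_id and the redirect host are constructed for illustration.

```python
"""Triage a Google OAuth consent link (added example, not from the article)."""
from urllib.parse import urlparse, parse_qs

GOOGLE_AUTH_HOST = "accounts.google.com"

# Real Google scope strings that let an app read or send mail, or read contacts.
HIGH_RISK_SCOPES = {
    "https://mail.google.com/",  # full Gmail access
    "https://www.googleapis.com/auth/gmail.readonly",
    "https://www.googleapis.com/auth/gmail.send",
    "https://www.googleapis.com/auth/gmail.modify",
    "https://www.googleapis.com/auth/contacts",
    "https://www.googleapis.com/auth/contacts.readonly",
}


def is_google_owned(host):
    """True for google.com / googleapis.com and their subdomains."""
    host = (host or "").lower()
    return any(host == d or host.endswith("." + d)
               for d in ("google.com", "googleapis.com"))


def triage_oauth_link(url):
    """Extract consent parameters from an OAuth authorization URL and rate them.

    'risk' is 'none' for links that are not a Google consent page, otherwise
    'low', 'medium' or 'high'.
    """
    p = urlparse(url)
    result = {
        "is_google_consent_page": False, "client_id": None,
        "redirect_host": None, "scopes": [], "high_risk_scopes": [],
        "third_party_redirect": False, "risk": "none", "findings": [],
    }
    # Google's OAuth 2.0 authorization endpoints live under /o/oauth2/.
    if p.hostname != GOOGLE_AUTH_HOST or not p.path.startswith("/o/oauth2/"):
        return result
    result["is_google_consent_page"] = True

    q = parse_qs(p.query)
    result["client_id"] = q.get("client_id", [None])[0]
    redirect_uri = q.get("redirect_uri", [None])[0]
    # 'scope' is space separated; parse_qs has already decoded '+' and %20.
    result["scopes"] = q.get("scope", [""])[0].split()
    result["high_risk_scopes"] = sorted(
        s for s in result["scopes"] if s in HIGH_RISK_SCOPES)

    if redirect_uri:
        result["redirect_host"] = urlparse(redirect_uri).hostname
        result["third_party_redirect"] = not is_google_owned(result["redirect_host"])

    if result["third_party_redirect"]:
        result["findings"].append(
            "authorization code is delivered to a non-Google host: %s"
            % result["redirect_host"])
    if result["high_risk_scopes"]:
        result["findings"].append(
            "app requests mail/contacts access: %s"
            % ", ".join(result["high_risk_scopes"]))

    # The app's display name ("Google Docs" in the 2017 case) is not in the URL;
    # Google renders it from the client_id, so the URL alone cannot expose the
    # name collision. A third-party redirect combined with mail/contacts scopes
    # is the combination that let the worm read and send mail.
    if result["third_party_redirect"] and result["high_risk_scopes"]:
        result["risk"] = "high"
    elif result["third_party_redirect"] or result["high_risk_scopes"]:
        result["risk"] = "medium"
    else:
        result["risk"] = "low"
    return result


# Constructed sample: a genuine Google consent URL authorizing a third-party
# app (made-up client_id and redirect host) for full Gmail and Contacts access.
SAMPLE_CONSENT_URL = (
    "https://accounts.google.com/o/oauth2/auth?response_type=code"
    "&client_id=123456789012-example.apps.googleusercontent.com"
    "&redirect_uri=https%3A%2F%2Fgoogledocs.example-attacker.test%2Fcallback"
    "&scope=https%3A%2F%2Fmail.google.com%2F+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcontacts"
    "&access_type=offline&prompt=consent"
)

if __name__ == "__main__":
    r = triage_oauth_link(SAMPLE_CONSENT_URL)
    print("risk:", r["risk"])
    for finding in r["findings"]:
        print(" -", finding)
```

A legitimate third-party mail client also redirects to its own host, so a “high” score means “read the consent screen carefully and confirm who published the app,” not “malicious.” It does show why checking the address bar was useless here.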
The scam appears to be targeting journalists and educators, reports on social media say.
2. If You’ve Received the Email, Delete It; If You Clicked, Revoke the App
Those who receive the email are urged to delete it immediately, or better, to use Gmail’s “Report phishing” option, which is what Google asked users to do.
Don’t click the link. Just hit “delete” or report it.
Deleting the message is not enough if you already clicked through and accepted. At that point the scammers’ application has been granted access to your contacts and to the mail in your account, including anything sensitive you have shared through Gmail, and it can keep using that access until it is revoked. It does not obtain your password, so changing your password is not what shuts it off.
To check, open your Google Account’s “Apps with account access” page (myaccount.google.com/permissions), remove any third-party entry named “Google Docs” (Google’s own Docs needs no entry there), then look through your Sent folder for invitations you did not send. Google also disabled the offending accounts on its side.
3. Google Has Said It’s Taken Action Against the Phishing Scam
With the scam making waves on the internet Wednesday, Google tried to take control of the situation.
The company released a statement on the elaborate scam via Twitter. It said that it’s “taken action” to assist its users in protecting themselves against the phishing scam.
Here’s the full statement from Google:
We have taken action to protect users against an email impersonating Google Docs and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.
4. Google Drive Was Launched In 2012 & Has Hundreds of Millions of Users
Google Docs itself dates back to 2006, but the Drive service that now hosts it arrived later.
Google launched Google Drive on April 24, 2012, letting users store files in Google’s cloud, synchronize them across devices and share them, with the Docs editors folded in.
As of October 2014, Drive had over 240 million active users.
Nowadays, Google Drive is available on most devices and even has offline access.
The software has helped Google become the world’s most valuable brand, a 2017 study said, taking the top spot from Apple, which had held it since 2011. Google’s brand value is now put at $109.5 billion, a 24 percent rise from 2016.
5. A Similar Scam Happened 3 Years Ago
Phishing isn’t anything new on the internet. Every day, attackers try to trick users into handing over credentials or granting access to malicious third-party applications.
A similar scam occurred in 2014 and it also targeted users of Google Docs and Drive.
That scam sent victims a link that looked like a Google Doc invitation from someone they knew, urging them to open an important document. Unlike the 2017 campaign, it was after passwords, and its trick was that the link really did lead to a page on Google’s own servers, just not to Google’s sign-in page.
The scammers had uploaded an HTML file imitating the Google login screen to a public folder in a Google Drive account and used Drive’s “preview” feature to get a URL on a Google-owned domain, served over HTTPS, which they then embedded in their messages. Anyone who typed their credentials into that page sent them to the scammers.
The scam was so convincing because, after the user hit “sign in,” the page redirected to a real Google Doc, so the theft was easy to miss.
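The lesson of the 2014 variant is that a Google hostname and a valid certificate say nothing about who authored the page, because Drive serves arbitrary user-uploaded files from Google domains. The following Python rule, added here as an example and not code from the article or from Google, accepts a Google password prompt only from Google’s account sign-in host and flags links that point at user-hosted content on Google domains. The sample links are constructed, and the host and path patterns are illustrative rather than exhaustive.

```python
"""Tell Google's sign-in page apart from user content hosted on Google
(added example, not from the article)."""
import re
from urllib.parse import urlparse

# The only host where a real Google password prompt belongs.
GOOGLE_SIGNIN_HOSTS = {"accounts.google.com"}

# Google-owned domains whose contents are uploaded by arbitrary users
# (illustrative list: old Drive web hosting and user-content CDN hosts).
USER_CONTENT_DOMAINS = ("googledrive.com", "googleusercontent.com")

# Paths on docs/drive that render an uploaded file rather than a Google app,
# e.g. the Drive file preview used by the 2014 scam.
USER_CONTENT_PATHS = re.compile(r"^/(file/d/|uc\b|host/)")

GOOGLE_DOMAINS = ("google.com",) + USER_CONTENT_DOMAINS


def _under(host, domains):
    """True if host equals one of the domains or is a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)


def classify_link(url):
    """Return 'google_signin', 'google_user_content', 'google_other' or 'external'."""
    p = urlparse(url)
    host = (p.hostname or "").lower()
    if host in GOOGLE_SIGNIN_HOSTS:
        return "google_signin"
    if not _under(host, GOOGLE_DOMAINS):
        return "external"
    if _under(host, USER_CONTENT_DOMAINS):
        return "google_user_content"
    if host in ("docs.google.com", "drive.google.com") and USER_CONTENT_PATHS.match(p.path):
        return "google_user_content"
    return "google_other"


def password_prompt_is_legitimate(url):
    """A page asking for a Google password is legitimate only on the sign-in host."""
    return classify_link(url) == "google_signin"


def flag_fake_signin_links(links):
    """Return the links that could carry a fake password prompt despite a Google look."""
    return [u for u in links if classify_link(u) in ("google_user_content", "external")]


# Constructed sample links as they might appear in a "shared document" email.
SAMPLE_LINKS = [
    "https://accounts.google.com/ServiceLogin?continue=https://docs.google.com/",
    "https://docs.google.com/document/d/1AbCdEfG/edit",           # a real Doc
    "https://docs.google.com/file/d/0B9xExampleId/preview",       # Drive file preview
    "https://www.googledrive.com/host/0B9xExampleId/index.html",  # old Drive web hosting
    "https://lh3.googleusercontent.com/abc123",
    "https://google-docs-share.example-attacker.test/login",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(classify_link(link).ljust(20), link)
    print("flagged:", len(flag_fake_signin_links(SAMPLE_LINKS)))
```

Applied to mail filtering, this turns the vague “check the URL” advice into a concrete rule: a document link is fine, a sign-in link on accounts.google.com is fine, but a page served from Drive or another user-content host must never be trusted with a password, however genuine its certificate.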