PSA: Beware Of The Google Docs Phishing Scam

Earlier this afternoon a Google Docs phishing scam spread like wildfire across the internet, reports piled in on Twitter and Reddit of the phishing scam and it’s details.

The phishing scam starts with an email sent to your G-Mail account inviting you to edit a document on Google Docs and will most likely look like it is coming from someone you know or have emailed with before. Your first reaction would probably be to click right through and take a look at the document so you can see what your friend or co-worker needs help with. However once you start down that process you’ll see it’s not your typical Google Doc.

Photo courtesy of TheVerge.com

While normally the link would take you right to the google doc you’re trying to access, the phishing scam takes you to a different screen where the actual phishing application which is masked as “Google Docs” requests access to your accounts. If you click allow here then they got you. The legitimate Google Docs would not need to request access to your Google account as it’s an official Google application that already has access to your account. You can see in the image below that the “Google Docs” application is clearly not legitimate when you hover over it as the developer information is associated with a random gmail address.

Photo courtesy of TheVerge.com

Google has reportedly put a fix in place very quickly for this and is now auto flagging emails that come in through this attack. Cloudflare has also reported they have taken the domains offline the hackers were using. If you see this email come in make sure to not click on it and report it to Google for phishing.

I already clicked the link; what now?

If you clicked all the way through the phishing attack and gave the application access to your Google account, you can remove the applications access to your account by going to the link here: https://security.google.com/settings/security/permissions and removing permission from the application called “Google Docs”. This will remove their access to your account.

Photo courtesy of TheVerge.com

Remember to stay vigilant against against phishing attacks of all shapes and sizes. PC Matic customers can also take advantage of the free KnowBe4 security awareness training that comes with each PC Matic purchase. If you need help accessing this please contact our support team at pcmatic.com/help and they will help you get access to the online course.

 

h/t TheVerge.com

 

 

(Visited 11,327 times, 3 visits today)

6 thoughts on “PSA: Beware Of The Google Docs Phishing Scam

  1. The universe of web has opened up various potential outcomes. While the focal points are numerous, personality criminals have guaranteed that there are impediments as well. Phishing tricks are on the expansion and in the event that you are an enthusiastic online client, then it is vital to guarantee you find a way to keep away from internet phishing tricks.
    In the event that you surf the web, buy items over the web or utilize the numerous money related administrations offered by your charge card organization, bank and even PayPal and EBay, then you ought to know about Phishing tricks and how they can influence you by and by. Phishing tricks are when programmers or hoodlums take on the appearance of a genuine substances so as to take delicate data, for example, Visa numbers, government managed savings numbers, and so on to confer misrepresentation. Phishing tricks are various on the web and can influence practically anybody. That is the reason you ought to know about phishing assaults regardless of the possibility that Google enhancing it.

  2. Hi can someone from PC Matic get back to me??? I have been trying to reset my password to no avail.
    I need to add another computer AND I want to pay for a life time subscription but can not access my account
    because i forgot my password. I have gone through the steps but nothing shows up in my emails. I need
    someone at PC to respond to me PLEASE!

    • Sandra, I’m sorry that you’re having an issue resetting your password! Be sure to also check your junk or spam folders as sometimes legitimate emails can get caught in there. I also responded to your support request with a link to reset your password. Please see if you are able to complete the process using that link.

Leave a Reply

Your email address will not be published. Required fields are marked *