If you noticed some weird Google Docs shares in your Gmail inbox today, you’re not alone. In fact, you were the target of a large-scale phishing attack.
The email looks like a typical shared Google Doc invitation. But, once you click “allow,” you’re granting account access to a malicious app masquerading as “Google Docs.” The app then forwards the message through your email address to all of your contacts. Google is reporting that the exploit has been disabled, but it’s still unclear how far it has spread and what the total effects are.
We are investigating a phishing email that appears as Google Docs. We encourage you to not click through & report as phishing within Gmail.
— Google Docs (@googledocs) May 3, 2017
You can find more information in this massive Reddit thread about the attack, including a method for buttoning up your account if you have already clicked on it (basically, you have to revoke access to the phony “Google Docs” app). A Google employee commented on the thread and escalated the issue so it could be fixed.
It’s unclear with the endgame is for a scheme like this, but it’s a nice reminder that you should follow some basic safety and security guidelines to keep your email secure. Worth noting: Two-step authentication doesn’t prevent this phishing message from spreading.
Be careful out there.