A new – and surprisingly sophisticated – email phishing scam hit Gmail users on Wednesday. People received an email inviting them to click on a shared Google Doc, reportedly sent to them by someone they knew. On clicking the link, victims were prompted to give the email sender access to their Google contact lists, along with Google Drive. This gave the scammers the opportunity to get hold of those contact lists and send out even more spam emails. This reportedly applies to every email address in the contact list, not just Gmail addresses.
Ignore that email and report it to Google
Anyone who found an email of this nature in their inbox, even if it appeared to come from their mother, should ignore it and report the phishing attack to Google. While it might look like the email came from a known contact, the actual source was “hhhhhhhhhhhhhhhh@mailinator.com.” The scammers set it up in such a way that all recipients of that email were BCC’d.
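The header pattern described above can be checked mechanically. The following is an added example, not code from Google or from the original article: it assumes the named address may appear in any address header, treats a mailbox owner missing from To/Cc as BCC delivery, and runs on constructed sample messages with placeholder example.* names.

```python
from email import message_from_string
from email.utils import getaddresses

# Address the article names as the actual source of the lure.
SUSPECT_ADDRESS = "hhhhhhhhhhhhhhhh@mailinator.com"
ADDRESS_HEADERS = ("From", "Sender", "Reply-To", "To", "Cc")

def header_addresses(msg, names):
    """Collect the lower-cased addresses found in the named headers."""
    values = [v for name in names for v in msg.get_all(name, [])]
    return {addr.lower() for _, addr in getaddresses(values) if addr}

def triage(raw_message, mailbox_owner):
    """Return which parts of the described header pattern a message shows."""
    msg = message_from_string(raw_message)
    reasons = []
    if SUSPECT_ADDRESS in header_addresses(msg, ADDRESS_HEADERS):
        reasons.append("suspect-address")
    # Owner absent from To/Cc: this copy reached the mailbox via BCC.
    if mailbox_owner.lower() not in header_addresses(msg, ("To", "Cc")):
        reasons.append("delivered-via-bcc")
    return reasons

def is_campaign_match(raw_message, mailbox_owner):
    """BCC delivery alone is common (newsletters), so require both signals."""
    return len(triage(raw_message, mailbox_owner)) == 2

# Constructed sample messages (not captured mail); example.* names are placeholders.
LURE = (
    'From: "Alice Example" <alice@example.com>\n'
    "To: hhhhhhhhhhhhhhhh@mailinator.com\n"
    "Subject: Alice Example has shared a document with you\n\nOpen in Docs\n"
)
NEWSLETTER = (
    "From: news@example.net\nTo: undisclosed@example.net\n"
    "Subject: Weekly digest\n\nHello\n"
)
DIRECT = (
    "From: alice@example.com\nTo: bob@example.org\n"
    "Subject: Lunch?\n\nNoon?\n"
)

if __name__ == "__main__":
    for name, raw in (("lure", LURE), ("newsletter", NEWSLETTER), ("direct", DIRECT)):
        print(name, triage(raw, "bob@example.org"), is_campaign_match(raw, "bob@example.org"))
```

The display name in From is not checked at all, which is the point: a familiar sender name says nothing about where the message was actually addressed.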
Google Docs Users Targeted by Major Phishing Attack https://t.co/ymNHPRcQ0B pic.twitter.com/RBhfzwrz5H
— KTLA (@KTLA) May 4, 2017
Accounts related to phishing attack removed by Google
According to Google, they are still investigating the phishing scam and have already disabled the accounts that were responsible for the original spam emails.
Google encouraged users to not click through on the link and to report the phishing within their email account. As reported by CNBC, Google later sent a second statement saying they had disabled the accounts responsible for the email phishing scam and have updated their systems to block the attacks. They are now working on methods to prevent an attack of this nature happening again.
Google believes less than 0.1 percent of Gmail users were affected.
Just got an updated statement from Google. The company says that today’s phishing attack "affected fewer than 0.1% of Gmail users." pic.twitter.com/XTg53WkD7I
— Jim Dalrymple II (@JimDalrympleII) May 4, 2017
What to do if you did click on that Google Docs link
The New York Times offered tips on what to do if you receive one of the emails.
Firstly, do not click on the link, no matter who it appears to be from. The writer received one late yesterday and instantly sent a separate email to the person in question to tell them, if the document was genuine, to send it via an email attachment. The sender was then warned that, if they hadn't sent the link to a Google Doc, they had probably been hit by the Gmail phishing attack.
ALERT: DO NOT open any Google Docs sharing links for a while. https://t.co/MG7z4LcDIG
— Scott Hanselman (@shanselman) May 3, 2017
Turn on Gmail's multifactor authentication option
The report goes on to recommend turning on multifactor authentication in your Gmail account. When logging in from an unrecognized computer, the service will then text a one-time code to your phone and you will need to enter that code to log in.
This helps to prevent any hackers getting in with a stolen password.
Revoke access to Google Docs
Anyone who did click on the link, thereby giving the spammers access to their Google account, can revoke their access via the permissions option in their Google account. Go into your settings and revoke access to “Google Docs.”
Report the phishing attack to Google
Report the phishing attack to Google, using the down arrow at the top right of your inbox. Select “Report Phishing.” This will assist Google in their investigations relating to the scam.
Change your Google password
Probably the most basic thing that everyone should do if they have fallen victim to the scam – and maybe even if they haven't – is to immediately change their Google access password to something never used before.
Make it long and complicated with letters, numbers and other keyboard characters and always avoid using a normal dictionary word.
As with everything email related, stay safe. If you see an email that looks in the slightest bit suspicious, simply don’t open it. Send it straight to the recycling bin.