Warning: do not click on the Google Doc you just received.

Did someone just share a random Google Doc with you? 


First of all: do not click on that Google Doc link you might have just received in your email, and delete the email immediately, even if it’s from someone you know.
People all around the Internet, especially journalists, are receiving a very convincing OAuth phishing email, which says that the person [sender] “has shared a document on Google Docs with you.”

Once you click the link, you are redirected to a page which says that Google Docs would like to read, send and delete emails, as well as access your contacts, and asks your permission to “allow” access.

If you allow the access, the hackers immediately get permission to manage your Gmail account, with access to all your emails and contacts, without requiring your Gmail password.

But how? The “Google Docs” app that requests permissions to access your account is fake and malicious; it is created and controlled by the attacker.

You should know that the real Google Docs invitation links do not require your permission to access your Gmail account. 

Anything Linked to Compromised Gmail Accounts is at Risk



Once the app controlled by the attacker receives permissions to manage your email, it automatically sends the same Google Docs phishing email to everyone on your contact list on your behalf.

Since personal and business email accounts are commonly used as the recovery email for many online accounts, hackers could potentially get control over those online accounts, including Apple, Facebook, and Twitter.

Meanwhile, Google has also started blacklisting malicious apps being used in the active phishing campaign. 

“We are investigating a phishing email that appears as Google Docs. We encourage you to not click through & report as phishing within Gmail,” Google tweeted.

This Google Docs phishing scheme is spreading incredibly quickly, hitting employees at multiple organizations and media outlets that use Google for email, as well as thousands of individual Gmail users who are reporting the same scam at the same time. If you have somehow clicked on the phishing link and granted permissions, you can remove permissions for the fraudulent “Google Docs” app from your Google account. Here’s how you can remove permissions:

  1. Go to your Gmail account’s permissions settings at https://myaccount.google.com and sign in.
  2. Go to Security and Connected Apps.
  3. Search for “Google Docs” in the list of connected apps and remove it. It’s not the real Google Docs.
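
For an administrator who has to repeat this review across many accounts, the same check can be scripted. The sketch below is an added example, not code from the original article: the record fields, client IDs and allowlist are constructed, and the two scope URLs are assumed to correspond to the mail and contacts permissions described above, since the article does not list the scopes.

```python
# Added example: triage OAuth grants for consent-phishing indicators.
# Field names, client IDs and the allowlist are constructed for illustration.

# Scopes assumed to match what the consent page asked for (mail + contacts).
HIGH_RISK_SCOPES = {
    "https://mail.google.com/",                  # read, send and delete mail
    "https://www.googleapis.com/auth/contacts",  # manage contacts
}
# Product names a third-party app should not be using as its display name.
PROTECTED_NAMES = {"google docs", "google drive", "gmail"}
# Client IDs your organization has verified (placeholder value).
TRUSTED_CLIENT_IDS = {"TRUSTED-CLIENT-ID-PLACEHOLDER.apps.example"}


def normalize(name):
    """Lowercase and collapse whitespace so 'Google  Docs ' still matches."""
    return " ".join(name.lower().split())


def triage(grants):
    """Return (user, client_id, reasons) for every grant that needs review."""
    findings = []
    for g in grants:
        if g["client_id"] in TRUSTED_CLIENT_IDS:
            continue  # verified app: its name and scopes were already vetted
        reasons = []
        if normalize(g["display_name"]) in PROTECTED_NAMES:
            reasons.append("display name imitates a Google product")
        risky = sorted(HIGH_RISK_SCOPES & set(g["scopes"]))
        if risky:
            reasons.append("high-risk scopes: " + ", ".join(risky))
        if reasons:
            findings.append((g["user"], g["client_id"], reasons))
    return findings


# Constructed sample data, not real grants.
SAMPLE_GRANTS = [
    {"user": "alice@example.com", "client_id": "CONSTRUCTED-1.apps.example",
     "display_name": "Google Docs",
     "scopes": ["https://mail.google.com/",
                "https://www.googleapis.com/auth/contacts"]},
    {"user": "bob@example.com", "client_id": "CONSTRUCTED-2.apps.example",
     "display_name": "Calendar Sync",
     "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
    {"user": "carol@example.com",
     "client_id": "TRUSTED-CLIENT-ID-PLACEHOLDER.apps.example",
     "display_name": "Mail Archiver", "scopes": ["https://mail.google.com/"]},
]
```

Calling `triage(SAMPLE_GRANTS)` returns only the grant held by alice@example.com, flagged both for the copied product name and for the mail and contacts scopes.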


Source: The Hacker News
