If you get a link inviting you to open a Google Doc — even one that apparently came from someone you know — be careful before clicking it open.
According to multiple reports online, Gmail users are being targeted by a phishing scam that began spreading rapidly around mid-day Wednesday.
Phishing (or malware) Google Doc links that appear to come from people you may know are going around. DELETE THE EMAIL. DON'T CLICK. pic.twitter.com/fSZcS7ljhu— Zeynep Tufekci (@zeynep) May 3, 2017
The scam begins with an email notification telling you that someone from your email contacts has “shared a document with you in Google Docs.”
According to The Verge, clicking on the link will take you to a Google page where you are asked to “sign in to Google Docs.” But in this case, "Google Docs" is the name of the malware.
Clicking on the link gives the malware access to your address book, which, according to Buzzfeed, is likely how it has been spreading.
Can you pick out the malicious login page? pic.twitter.com/RCcJ3g0N50— Brandon Frohs ❄ (@0b10011) May 3, 2017
The phishing scam is particularly dangerous because, unlike many other similar scams, it doesn’t take users to a fake web page, but rather to a real Google Docs page.
However, the software appears to have a tell: In many instances, the address line in the email shows the first recipient as “firstname.lastname@example.org.” It’s unclear at this time if all the phishing emails contain this address.
If you’ve clicked on the malware link, simply changing your Google accounts password may not be enough. Go to “my account” in your account, and navigate to “manage apps.” There, remove permissions for “Google Docs,” or any other app that was given permission about the time you clicked on the link.
The video below explains how to do that.