A dangerous email phishing scam is impacting organizations and individuals that use Google email. Reports indicate that Google has shut the attack down, but not before as many as 1 million users were affected.
The message sent yesterday looks very authentic, appears to be sent by a “trusted” contact, and asks the recipient to open a Google Doc. After opening the link, you’re redirected to what looks like a legitimate Google sign-in page and prompted to select one of your Google accounts. Once you authorize “Google Docs” to "read, send, delete and manage your email", as well as "manage your contacts", the attacker subsequently gains access to your Gmail account as well as any potentially sensitive information that may be present on stored messages. The Phishing emails are then redistributed using your contact list.
Once the fraudsters have control of your Gmail account, they could potentially get control over any account linked to that compromised Gmail account - your iTunes, Amazon, or Social Media accounts!
To protect yourself:
Delete any email about a shared Google Doc, unless you can verify with the sender that it’s not a phishing email.
If you already clicked on the link:
Google suggests setting up two-factor authentication, using a cell phone number, on any critically important account, as well as removing permissions for the fake “Google Docs” app from your Google account. Go to myaccount.google.com, Sign-In and Security, and Connected Apps. You’ll be able to view the list of connected apps, and delete anything you don’t recognize. You should also consider notifying your contacts that you were a victim of a phishing attack.
Be aware that “copycat” attacks could soon be launched using other popular web services such as Facebook and LinkedIn.
Remain vigilant to minimize risks from future phishing attacks:
- Only open emails from trusted senders.
- Do not open unexpected documents.
- Do not click links without first validating sender legitimacy.
- Delete suspicious emails immediately.
- Install antivirus/malware software.
- Update your operating system whenever available.
- Don’t respond to messages requesting personal or account information. SkyOne send emails requesting you to update confirm personal or account information.
Questions? We’re here for you. Call us at 800.421.7111 or email us.