Internet giant Google has found itself among the victims of a scammer. In the early afternoon hours of Wednesday, May 3rd, 2017, a Google Docs scam ran through the internet like wildfire.
The scam consisted of an email that stated someone wanted to share a document with you through Google Docs. The link in the email to open the document lead to a page that asked you to choose an account to log into Google. Once you chose an account, a developer alert would pop up warning you that you were being redirected. Anyone who choose to still pick an account to sign in would be asked to give Google Docs permissions to manage your account – manage, as in read, write, and delete your emails and manage your contacts!
Many things contributed to making this phishing scam successfully spread so quickly and as far as it did. First off, the email itself listed someone you already knew as the sender of the document. This is because once an account was compromised, the fake invite automatically sent itself out to everyone in that person’s contacts list. Secondly, the link in the email took the victim to a real Google-hosted page that contained a list of their accounts just ready to be clicked. Third, the third-party app that you are asked to give account permissions to was called “Google Docs.” All those little tricks combined into a scam that fooled many people into compromising their accounts and unknowingly continuing the spread of the scam.
Though this scam was sneaky, there were a few red flags that pointed clearly to this being a phishing attempt. The email comes addressed not only to you, but to another address: [email protected] com. Those who are familiar with Google Docs may have noticed that the email informs the recipient that the sender has invited you to view a document, without giving the document’s name, and has only an option to “Open in Docs.” A real share from Google Docs would not only give the name of the document, but has the blue Google Docs logo next to the document name and tells you that you were being invited to edit the document. Lastly, there is no third-party app for Google Docs – it’s built into their platform. You will never be asked to give account permissions to view a legitimate document in Google Docs.
As this phishing scam reared its ugly head on Wednesday afternoon, it appeared to be mainly concentrated to large businesses, educational institutions, and journalism organizations. Locally, the Moorhead School District reported being hit by the scammer. The scam was quickly reported to Google (with warnings about the scam flooding various social media just as quickly), who took immediate action to track down the culprit and disable the offending accounts. They have removed the fake pages associated with the scam and have updated their Safe Browsing. They are also actively working to prevent this or anything similar from happening again. Google encourages anyone who receives any type of phishing emails through their Gmail account – or phishing emails that appear to come from Google – to report them immediately.
If you are one of those who have fallen victim to this scam, or have received the email and are concerned your account is compromised, you will want to check your account’s app permissions. Should you find an app called “Google Docs,” click on it once to highlight it, then click “Remove.”
More information about this phishing scam can be found by following the links below:
www.techcrunch.com – contains a play-through of the scam email
www.techcrunch.com — Google’s official statement
www.usatoday.com — contains a comparison of the scam invite and a real Google Docs invite
www.nbcnews.com — contains more information about what to do if you’ve been compromised
Support.Google.com — Google’s own guide to avoiding and reporting Google scams