Google Doc phishing scam spreads like wildfire — here’s how to spot it
A sophisticated phishing attack is racing across the internet, and may already have hit your inbox.
The definitely not-legit email disguises itself as an official message from Google alerting you that someone wants to share a Google Doc with you. Notifications of this sort are common and often wouldn’t raise an eyebrow.
However, clicking through this particular link and taking the requested steps will open up your inbox — and potentially everyone on your contact list — to an as-of-yet unknown attacker.
I got a Google Doc invite from a BuzzFeed email address, clicked on it, and it spammed everyone I’ve ever emailed
— Joe Bernstein (@Bernstein) May 3, 2017
And, like we said, the link looks real — complete with a little “Open in Docs” blue box.
Just how widespread is this? Numerous reporters at Mashable have received the same phishing email, as have students at Columbia University— as a warning email sent out by a member of the Philosophy department shows. The scam may have even hit the Capitol.
Sources tell me that those phishing emails have also started making their way around the Senate. Unclear how widespread.
— Lissandra Villa (@LissandraVilla) May 3, 2017
Google confirmed that it is aware of the problem and is looking into it.
According to one Reddit user, once a victim clicks on the fake Google Doc link, he or she is taken to a real Google page prompting you to select an account. After that, they are taken to a new page asking that they allow “Google Docs” to access the account.
If you click “allow,” the attacker can access your account. And all your contacts will likely soon receive a fake Google Doc invite from you.
So, how to tell if that latest Google Doc your friend shared is real or fake? Thankfully, there are a few tell-tale warning signs. First, real Google Doc invites look different than the recent fake. Here’s a legit one for comparison:
Notice the Google address at the bottom? And the box border formatting? The fake Google notification doesn’t have that.
Second, expand the dropdown option in the menu bar next to the sender’s name. Below is a real Google notification for a shared Google Doc.
Lastly, the spam email is also addressed to “firstname.lastname@example.org,” which is an account with the disposable email service Mailinator.
So now that you know what’s up, pay extra attention to any Google Docs coming your way. And, well, to anything asking you to click a link and enter your password or share account permission.