Massive Google Docs sophisticated phishing attack might be in your inbox
A new phishing scam is enticing end users to click on what appears to be Google Docs but actually prompts recipients to give access to a third-party app called "Google Docs" which is only named Google Docs and is not the real Google Docs. Once clicked, your Gmail account will begin sending spam messages to all your contacts.
Additionally, if access is granted, the phishing scheme gains the ability to read, send, delete and manage all your emails and manage all your contacts — enabling it to spam everyone you've ever emailed.
There is one giveaway. The emails either sent to or cc'd to an address of "firstname.lastname@example.org."
Google issued an official statement confirming the issue has been resolved. However, there might still be a lingering phish in your inbox.
What to do if you clicked the link:
- Your account may have already sent spam messages to the people in your address book. Revoke future access through Google's "Connected Apps and Sites" page (Note: it will appear as "Google Docs")
- Change your Gmail password
- Report the phish to Google
- Contact individuals that you email to let them know if they received a shared Google Docs from you not to open it
- Reset any passwords for any 3rd party services tied to the affected Gmail account that share the same password (i.e. Netflix, Amazon, etc.)
What to do if you didn't click the link:
- Delete it from your inbox
- Beware of emails asking for information, asking you to click links or attachments, or requesting the ability to read/send/delete/manage your emails
- Research any apps before downloading them
- Change passwords for email accounts and other applications frequently and do not reuse previous passwords.
What to do if you are a business customer using Gmail for Business (G Suite Email):
- Contact your IT Department local/onsite admin or IT specialist
If you have any questions or concerns please contact the Information Security & Fraud Risk team at Reportfraud@nbtbank.com