Scammers are coming after you in a way you might not expect!
If you’re one of the many people to receive a random email invitation to a Google Docs form, whatever you do, don’t click on it!
In fact, you probably want to delete it.
Although the sender may appear to be someone you know, this is a popular spin on a phishing scheme that has been making the rounds.
According to Buzzfeed News, people started getting the rogue emails around 2:30 p.m. EST on May 3. The emails are being sent by an unknown organization.
Recipients of the email have taken to Twitter to warn others who might fall for the frankly rather sophisticated phishing scam:
Phishing (or malware) Google Doc links that appear to come from people you may know are going around. DELETE THE EMAIL. DON'T CLICK. pic.twitter.com/fSZcS7ljhu
— zeynep tufekci (@zeynep) May 3, 2017
Buzzfeed reported many people who have received the emails are listed in the BCC field, while another email address appears in the “To” field. The subject line reads “[someone in your contacts] just shared a Google Doc with you,” in the same way legitimate Google emails appear when Google Docs are sent between users.
According to Fortune, many of the malware emails were sent to journalists.
Hacker Zach Latta posted a gif on Twitter showing what happens when an internet user clicks on the misleading link.
Just got this as well. Super sophisticated. pic.twitter.com/l6c1ljSFIX
— zach latta (@zachlatta) May 3, 2017
How it works
The link takes internet users to what appears to be a real Google page that asks for permissions across Google accounts. Granting permission would afford the hackers a significant amount of personal data and information.
Simply clicking the link and not granting permission appears to forward the email to everyone in your contact list, Buzzfeed reported.
The sophistication of the scam lies in the fact that the hackers didn’t need to steal users’ login information and passwords. They simply built a third-party app to trick Google users into thinking they were using a familiar Google process, and used it to gain access to their accounts.
Google has taken action
“We have taken action to protect users against an email impersonating Google Docs (and) have disabled offending accounts,” Google wrote in a statement on Twitter.
“We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”
We are investigating a phishing email that appears as Google Docs. We encourage you to not click through & report as phishing within Gmail.
— Google Docs (@googledocs) May 3, 2017
Google told the BBC that the spam campaign affected “fewer than 0.1%” of Gmail users — which is still about one million people.
What you can do
If you clicked on the link, go to your Google account settings and revoke access to Google Docs if you see that option. It’s not the real Google Docs.
Maybe you’re expecting a Google Doc invite link from a family member or friend? The best thing to do is contact that person outside of Gmail to confirm. If they say they didn’t send you anything, delete the suspicious email.
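For administrators reviewing many accounts, the same revoke check can be scripted. The sketch below is an added example, not code from Google or from the reporting above: it flags authorized third-party apps whose display name imitates a Google product or that hold broad scopes. The record layout, the protected names, the sensitive-scope list and the client IDs are all assumptions constructed for illustration.

```python
import re
import unicodedata

# Assumptions (not from the article): names worth protecting, scopes treated
# as high-risk, and an allowlist of client IDs you have verified yourself.
PROTECTED_NAMES = {"google docs", "google drive", "google sheets", "gmail"}
SENSITIVE_SCOPES = {"https://mail.google.com/",
                    "https://www.googleapis.com/auth/contacts"}
TRUSTED_CLIENT_IDS = {"constructed-verified.apps.googleusercontent.com"}

def normalize(name):
    """Fold case, compatibility forms, invisible characters and extra spaces."""
    text = unicodedata.normalize("NFKC", name)
    text = "".join(c for c in text if unicodedata.category(c) != "Cf")
    return re.sub(r"\s+", " ", text).strip().casefold()

def audit_grants(grants):
    """Return (client_id, action, reasons) for grants that need attention."""
    findings = []
    for grant in grants:
        if grant["client_id"] in TRUSTED_CLIENT_IDS:
            continue  # verified app: the familiar name is legitimate here
        reasons = []
        if normalize(grant["display_name"]) in PROTECTED_NAMES:
            reasons.append("name imitates a first-party product")
        risky = sorted(SENSITIVE_SCOPES.intersection(grant["scopes"]))
        if risky:
            reasons.append("sensitive scopes: " + ", ".join(risky))
        if reasons:
            # A borrowed product name on an unverified client is the lure itself.
            action = "revoke" if reasons[0].startswith("name") else "review"
            findings.append((grant["client_id"], action, reasons))
    return findings

# Constructed sample data: an export of one account's authorized apps.
SAMPLE_GRANTS = [
    {"display_name": "Google Docs",
     "client_id": "constructed-verified.apps.googleusercontent.com",
     "scopes": ["https://www.googleapis.com/auth/drive"]},
    {"display_name": "Google\u200b Docs",  # zero-width space hidden in the name
     "client_id": "constructed-unknown-1.apps.googleusercontent.com",
     "scopes": ["https://mail.google.com/",
                "https://www.googleapis.com/auth/contacts"]},
    {"display_name": "Calendar Helper",
     "client_id": "constructed-unknown-2.apps.googleusercontent.com",
     "scopes": ["https://www.googleapis.com/auth/contacts"]},
]

if __name__ == "__main__":
    for client_id, action, reasons in audit_grants(SAMPLE_GRANTS):
        print(f"{action:7} {client_id}: {'; '.join(reasons)}")
```

The name check only folds case, Unicode compatibility forms, invisible format characters and whitespace; look-alike letters from other alphabets are not covered and would need a separate confusables check.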