【】
A sophisticated phishing attack is racing across the internet, and may already have hit your inbox.
The definitely not-legit email disguises itself as an official message from Google alerting you that someone wants to share a Google Doc with you. Notifications of this sort are common and often wouldn't raise an eyebrow.
However, clicking through this particular link and taking the requested steps will open up your inbox — and potentially everyone on your contact list — to an as-of-yet unknown attacker.
Tweet may have been deleted
And, like we said, the link looks real — complete with a little "Open in Docs" blue box.
DON'T CLICK.Credit: mashableTweet may have been deleted
Just how widespread is this? Numerous reporters at Mashable have received the same phishing email, as have students at Columbia University— as a warning email sent out by a member of the Philosophy department shows. The scam may have even hit the Capitol.
Oops.Credit: MashableTweet may have been deleted
Google confirmed that it is aware of the problem and is looking into it.
According to one Reddit user, once a victim clicks on the fake Google Doc link, he or she is taken to a real Google page prompting you to select an account. After that, they are taken to a new page asking that they allow "Google Docs" to access the account.
Just don't.Credit: Jake SteamIf you click "allow," the attacker can access your account. And all your contacts will likely soon receive a fake Google Doc invite from you.
So, how to tell if that latest Google Doc your friend shared is real or fake? Thankfully, there are a few tell-tale warning signs. First, real Google Doc invites look different than the recent fake. Here's a legit one for comparison:
Lunch!Credit: MashableNotice the Google address at the bottom? And the box border formatting? The fake Google notification doesn't have that.
Second, expand the dropdown option in the menu bar next to the sender's name. Below is a real Google notification for a shared Google Doc.
Credit: mashableLastly, the spam email is also addressed to "[email protected]," which is an account with the disposable email service Mailinator.
What to do?
If you did happen to click on the malicious link and allowed attackers into your account, you can revoke that access relatively easily. First, go to your Google permissions page. There you will find a list of all the apps that have account access. One app, titled Google Docs, is the offender. Revoke its permission immediately, and then change your password.
Tweet may have been deleted
So now that you know what's up, pay extra attention to any Google Docs coming your way. And, well, to anything asking you to click a link and enter your password or share account permission.
Featured Video For You
You know those suspicious emails about jobs you didn't apply for? This is what happens when you accept the job
TopicsCybersecurityGoogle
相关文章
Nancy Pelosi warns colleagues after info hacked
House Minority Leader Nancy Pelosi warned fellow Democrats on Saturday to change their cellphone num2024-09-20- 德轉 :重慶兩江競技隊球員阿德裏安加盟河南嵩山龍門_長春亞泰隊_朱藝_中國區www.ty42.com 日期:2022-04-25 18:01:00| 評論(已有342425條評論)2024-09-20
- 南美足壇再爆發大規模球迷騷亂 一人被刺數刀身亡_比賽_看台_Uniwww.ty42.com 日期:2022-04-25 10:01:00| 評論(已有342338條評論)2024-09-20
- 翻過曼聯山跨過埃弗頓海! 利物浦卻發現時光倒轉……_曼城_賽季_阿森納www.ty42.com 日期:2022-04-25 11:01:00| 評論(已有342351條評論)2024-09-20
Olympian celebrates by ordering an intimidating amount of McDonald's
It's no secret that Olympians have to eat clean for years to ensure they're at peak physical conditi2024-09-20- 迷惑!曼聯獲點球竟非C羅主罰 B費一腳踢丟扳平球_比分_的結果_塔瓦雷斯www.ty42.com 日期:2022-04-23 23:01:00| 評論(已有342167條評論)2024-09-20
最新评论