Recently, Google users were hit by a massive phishing attack. The attack sent out an email asking you to click on a Google Doc link. Once you clicked that link, it would take you to a Google Sign In page, where you’d enter your details, and voila! your account would be hacked. What made this hack seem so realistic is that the Google Doc email comes from someone you know. Tricky hackers!
This is a very sophisticated attack, and many have fallen for it. It seems very legitimate and it is difficult to know whether it is an authentic email or a phishing attack
The best way to know whether it is authentic or not, is to look at who the email is sent to. If it says something obscure such as ‘firstname.lastname@example.org’, then you know that it is an attack, and you shouldn’t click the the button.
Offices sent out warning emails asking their staff not to open such an email. Experts were advising people to open Google Docs links that they were 100% sure of. It is not just Google users being affected, but offices using Google as a service were also being attacked. It is still not clear who sent out these emails or who conducted this attack.
However, it is not all bad news. Google has confirmed that they have now fixed the phishing attack. In a statement to The Verge, a Google spokesperson said, “We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again.”
If you were hit by this scam, there is no need to panic. You can follow some steps to regain control over your Gmail account.
Pic credits: Washington Examiner