Oh God , a hacker ’s on the loose with a novel ( but familiar ) Google Docs phishing scam , and journalists ( among many others ) are in the crosshairs .
On Wednesday good afternoon , countless unsuspicious email users — include reporters from BuzzFeed , Hearst , New York Magazine , Vice , as well as your friend here at Gizmodo Media — received some seemingly legit invite to watch a Google Docs file . The email does n’t look quite right , but anyone who clicks through get at a login screen that looks almost indistinguishable from the same screen you ’d see if someone actually invited you to a Google Doc . It ’s the one with a leaning of your Google Accounts , and it even pair Google ’s recent redesign .
https://gizmodo.com/everything-you-need-to-know-about-this-weeks-massive-ph-1794914151
What ’s even scarier than that , the Thomas Nelson Page has a very real - calculate Google.com URL and select a link to Google Docs appears to confirm the page ’s authenticity . It get worse . That page invites to choose which calculate you ’d wish to utilize to view the Google Doc , and then you ’re taken to a page that invites you to give admittance to your Google Account . Here ’s what the whole onset looks like :
Just got this as well . Super sophisticated.pic.twitter.com/l6c1ljSFIX
— zach latta ( @zachlatta)May 3 , 2017
There are a couple telltale sign that this email is bullshit . It ’s addressed to “ [ email protected ] , ” and the email itself does n’t look quite like the 1 that Google sends . That , and the fact that unnumbered member of the media are reporting on Twitter that the email is a phishing scam . ( The EFFtoldJoe Bernstein from BuzzFeed , where some of the earliest electronic mail were spot , that the attack was not intended to fork over malware but rather hijack certificate , another terminal figure for phishing . )
It ’s still ill-defined who ’s behind this attack , and we might never know . If we learn anything novel , we ’ll update this stake . We ’ve reached out to Google for more information on the attack and will update this post if we hear back .
In the meantime , be safe out there . And maybe do n’t tap any Google Doc data link for the balance of the week .
Update 4:35pm – Gmail has addressed the attack on Twitter :
We are investigate a phishing e-mail that appears as Google Docs . We encourage you to not penetrate through , & account as phishing within Gmail .
— Gmail ( @gmail)May 3 , 2017
Update 5:25pm – Google sent us the come after affirmation by direction of a praseodymium agency :
We have study action to protect users against an electronic mail personate Google Docs , and have invalid offending accounts . We ’ve removed the fake pages , pushed update throughSafe Browsing , and our ill-treatment squad is work to prevent this variety of spoofing from happening again . We advance users toreport phishing emails in Gmail .
Update 10:40pm – Google send off us another statement , this time not from a PR agency but attributable directly to a Google representative :
We realize people are concerned about their Google invoice , and we ’re now capable to give a wide explanation after further investigating . We have taken natural action to protect user against an electronic mail spam campaign impersonate Google Docs , which affected few than 0.1 % of Gmail users . We protected users from this attack through a combining of automatic and manual actions , including removing the imitation pages and diligence , and pushing update throughSafe Browsing , Gmail , and other anti - abuse systems . We were able-bodied to stop the campaign within just about one hour . While contact information was accessed and used by the campaign , our probe show that no other data was exposed . There ’s no further action user need to take regarding this outcome ; user who want to review third party apps plug into to their account can visitGoogle Security Checkup .
HackersHacking
Daily Newsletter
Get the best technical school , skill , and civilization news in your inbox day by day .
news program from the future , render to your present .
You May Also Like
