Google says it’s disabled the accounts sending out a convincing fake Google Docs invitation in a widespread phishing scam that hit inboxes around the world yesterday.
“We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts,” Google said in an official statement. “We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”
The phishing attempt was extremely convincing as it looked like an invitation that shared a Google Doc from someone in your contact list. In emails received by members of the IT World Canada staff, the filenames referenced were also convincing. Clicking on the invitation led to a real Google account selection screen. After that’s selected, the app called “Google Docs” asks for a series of permissions. This is where a savvy user that’s paying attention would see a red flag, since Google Docs doesn’t require permissions, as it’s native to Google. If the user agrees, the scam is replicated to the user’s contact list.
Affected users should revoke access to the fake Google Docs app and follow-up with any contacts that sent you the phishing email to let them know they’ve been compromised. The attack would give hackers full access to the contents of your email.
In a statement provided to TNW, Google says it estimates 0.1 per cent of Gmail users were affected. It stopped the phishing campaign within one hour of its launch.