A huge scam is sweeping the web and anyone with a Gmail account may be vulnerable. Huge numbers of people may have been compromised by the phishing scam that allows hackers to take over people’s email accounts. It’s not clear who is running the quickly spreading scam or why. But it gives people access to people’s most personal details and information, and so the damage may be massive.
The scam works by sending users an innocent looking Google Doc link, which appears to have come from someone you might know. But if it’s clicked then it will give over access to your Gmail account — and turn it into a tool for spreading the hack further.
As such, experts have advised people to only click on Google Doc links they are absolutely sure about. If you have already clicked on such a link, or may have done, inform your workplace IT staff as the account may have been compromised. The hack doesn’t only appear to be affecting Gmail accounts but a range of corporate and business ones that use Google’s email service too.
If you think you may have clicked on it, you should head to Google’s My Account page. Head to the permissions option and remove the “Google Doc” app, which appears the same as any other.
You’ll be able to tell if it is the malicious app if it has a recent authorisation time. That app has full access to a person’s Google account as well as being able to send emails that appear to be from them, making the attack especially dangerous. The email itself comes addressed to firstname.lastname@example.org — which is the only way to know that the email is malicious. They otherwise look completely legitimate, including the account in the “from” field.