If you received an email on Wednesday or Thursday saying that someone on your contacts list has shared a Google Doc with you, you may want to think twice before opening it.
According to BuzzFeed, a number of people have been victims of an apparent phishing attempt (where hackers try to get you to click on sketchy links) by an unknown organization starting around 11:30 AMPT Wednesday.
Apparently, people are getting emails with links to Google Docs that appear to come from people they know. At least some of these emails are addressed to “[email protected],” with the person who received it in the BCC field.
The emails subject lines say, “[Person in your contacts] just shared a Google Doc with you,” exactly what Google’s emails say when someone shares an actual Google Doc.
If you click on the fraudulent link within the email, it will take you to a real Google page asking for widespread permissions across your Google accounts, which, if granted (don’t) would give the attackers access to the vast amount of personal data stored on your Google accounts.
For now, it doesn’t seem like the hack can access this information unless you give it permission. If you open the link, however, it does seem to forward the email to everyone on your contact list and they will hate you forever.
If you search “shared a doc” on Twitter, you’ll see a ton of results, mostly people warning their followers not to open any suspicious docs.
According to BuzzFeed, here’s what to do if you did click the link to the suspicious Google Doc:
- Go to the google security checkup and go through the checklist.
- Pay close attention to the Account Permissions section. Check for “Google Docs,” and remove it. It’s not the real Google Docs.
And maybe just change your password while you’re at it.
Read more: http://twentytwowords.com/dont-open-that-random-google-doc-you-just-got/