Whatever you do, do not open any Google Docs unless you’re absolutely sure it’s authentic. Why? I’ve been getting asked this question a lot. What is the Google Docs phishing scam? Let me explain …
If you should ever receive a Google Doc link in your email, examine it closely prior to clicking – even if it appears to be coming from somebody you trust. A vicious phishing scam that masquerades as a request from Google Docs is sweeping the internet and a number of media companies. You’ve no doubt heard the saying “think first before clicking on anything” a zillion times, I know, but it actually can shield you from disaster.
Google has taken action to counteract this specific phish and expressed in it’s official statement that it has “disabled offending accounts. We’ve removed the fake pages, pushed updates through safe browsing, and our abuse team is working to prevent this kind of spoofing from happening again.” However, to defend yourself against phishing, it’s rather like a game of cat and mouse. Massive scale phishing attacks and scammers masquerading well-known services such as Google login pages frequently creep up on the internet.
What’s important to realize with this phish isn’t how it circulated, but rather how it didn’t utilize malware or bogus websites deceiving users into offering up their passwords. This phish was successful because it deceived the user into authorizing a third-party application. This is what we can expect going forward when it comes to phishing and every vendor of security technology is poorly equipped to handle it.
Comparable Google Docs scams, specifically, have been spreading throughout the internet since around 2014; however, this doesn’t mean they’re easier to identify partially because they appear so genuine. Phishers can work with genuine Google accounts and create third-party plugins that can collaborate with Google services so they can suck victims in via the most genuine-looking Google web pages ever – authentic ones! Moreover, variations on this plan of attack occur repeatedly.
How It Works
This type of Google Docs phishing email goes like this. You receive an email stating somebody added you to a Google Doc and to view it all you have to do is click on the link provided. Once you click on it, it sends you over to an authentic account screen and lists all the Google accounts you are presently logged into. At this point, you need to decide which one you would like to view the document in (or log into, if you haven’t already verified the account in your browser). Once there, a malevolent service called “Google Docs” waits with expectation, asking to give them access to not only your account but your passwords, emails, contacts – EVERYTHING!
If you clicked this kind of link at any time, go directly to the Permissions page in you Google account as fast as you can and, in this instance, revoke all access to the service termed “Google Docs.” Then, create a new password and make certain you have two-step verification switched on.
How To Stay Safe
To help keep yourself safe even more in the future, Google has developed a Chrome extension called Password Alert that alerts you if you key in your Google Account id and password into any page that is not genuinely Google’s. If phishers have created an authentic-looking bogus page, Password Alert immediately advises you to create a new password in order to protect your account. However, this will not inevitably defend you when scammers are exploiting authentic Google processes. Moreover, it won’t help you recognize bogus login pages akin to other companies’ services.
Resisting the desire to click continues to be you best defense. Watch for illogical or dubious content in an email. For example, a “To” field with “hhhhhhhhhhhhhhhhhhhhhhh” should raise a few eyebrows and trusting your gut is vital. However, in this instance, where a phishing email is so convincing, it’s best to remember to always take a moment to think first prior to clicking. It’s not worth the risk.
Clicking on links or downloading attachments should not be done out of habit even when they appear to be from somebody you trust, especially, if you are not waiting on a message from them. Just pause for a bit and analyze any URL’s it includes within a plain text editor, or check with your friend or colleague via another method of communication that they, in fact, emailed you a recipe for Mom’s apple pie. These simple precautions can make a huge difference to your online security. Sometimes, taking a second look is all that’s needed to recognize your friend, family member or coworker likely would not have unexpectedly sent you a Google Doc.
Worried About Privacy?
So, I hope I’ve answered your question …What Is The Google Docs Phishing Scam? If you’ve ever fallen victim to this scam or others like it, I’d love to hear from you. Simply leave your comments below.
Before you go, I need to ask you a few very important questions …
Are you searching for a GENUINE Online Business Opportunity?
Are you tired of struggling online and want to once and for all succeed by receiving first rate, step-by-step training along with everything you could possibly need to succeed wrapped up in a complete package? …And, did I mention that it’s FREE? Yes, FREE!
Here’s to your success!