A malicious and highly sophisticated phishing scam that is using Google Docs to target Gmail users is spreading throughout the internet like wildfire.
The scam works by sending unsuspecting users an email that appears to be from one of their contacts. The email contains a link to a Google Doc but if the link is clicked on it hands over access to your Gmail account and potentially some of your most personal data.
It then proceeds to email people on your contact list with malicious link.
However, if you follow the tips below you might be able to avoid the terrifying Google Docs phishing scam.
Verify any Google Doc sent to you
If you have clicked a Google Docs link recently that was sent to you via email you could potentially be a victim. Therefore you should try and verify any Google Docs links that have been sent to you in the past week, certainly the past 48 hours. Try and contact the sender by phone or some other means to confirm the authenticity of the link. Likewise, do the same if you were planning to send one of your contacts a legitimate email that contained a Google Docs link – contact them and confirm all is OK.
Even if you haven’t yet received a Google Docs link in an email, chances are you might, so it is important to be on the lookout for any emails with links that suddenly appear in your inbox, especially from the email address: email@example.com. If you do receive any suspicious emails, delete them immediately.
Stay up to date
In what is a VERY timely update, Google has just announced that a new anti-phishing security check is being added to Gmail. The new security feature is just starting to roll out so it is important you keep your Gmail app up to date to benefit from the update.
— Zach Latta (@zachlatta) 3 May 2017
What if you clicked the link?
If you think you have clicked on the link, it could be very serious indeed.
However, don’t panic.
The first thing to do is to try and regain control of your account.
First of all head over to the My Account page of your Google account and remove the illegitimate ‘Google Docs’ app. If the app has a recent authorises date then this is probably a sign that something is wrong. Also remove any other suspicious looking apps from the list.
Once you remove it from the list, the scam will no longer be able to read your emails or send out malicious emails from your account to your contacts list.
You should also update your password.
The next step is to then contact anyone on your contact list who you think may have received a malicious email from you.
Jonathan is our Google Nexus and Android enthusiast. He is also fanatical about football which makes it all the more strange that he should support Stockport County. In addition to writing about tech, Jonathan has a passion for fitness and nutrition and has previously written for one the UK’s leading watch and horology websites.