A new Google Docs phishing scam just reared its head a few hours ago, and it’s spreading like wildfire. Google appears to be taking action to stop it, but in..
A new Google Docs phishing scam just reared its head a few hours ago, and it’s spreading like wildfire. Google appears to be taking action to stop it, but in the mean time: be super, super wary of Google Doc invites for now. If you fall for this one (and plenty of otherwise eagle-eyed people have already) , it’ ll blast out the bait to everyone on your contact list.
Here’s what you need to know:
This one is super sneaky; pretty much the only way to detect it before falling for it is to click the small “Google Docs” link on the actual Google-hosted page and notice that the developer info seems… off.
Zach Latta of Hack Club grabbed a video of the whole flow so you don’ t have to test fate to see it for yourself:
Check your Google account’s app permissions. There should not be an app called “Google Docs” there — actual Google Docs has access to your account by default. If you see it listed there, remove it by tapping the label and hitting “Remove”
Update: The Google Docs twitter account just acknowledged the attack and says they’ re working on it, but says not to click on things in the meantime.
Story developing…
