Recently, a number of phishing emails have been sent to random people on Gmail. We have seen many posts on social media about this phishing scheme such as “If you have received an email from me sharing a Google Doc with you, don’t open. Your email address can be hacked” The subject line of these emails could be “XYZ has shared a document on Google Docs with you” and the convincing thing about these phishing emails is that the mail you are receiving will be in the name of someone you already know.
What if you open this document?
If it happens that you click on this shared link, it will ask for access permission to your Google account, but remember actual Google docs link will not ask for any permission. So, this is itself an alarming stage where you can identify the phishing. But still, if you grant the permission, the program will then send this spam mail to all your Google contact with the same Google docs’ link with your name. This will continue and spread everywhere. So, the overall reason for this campaign seems to be spamming as earlier in a similar campaign it had asked people to enter their passwords as well.
Are you receiving such emails and want to stop them?
If you see such mail with the similar subject of Google Docs, you should delete it without clicking on it. In case you have already granted access to this link then you can perform the following steps:
- Go to – Gmail account’s permission settings – by writing google.com/permissions
- You will see the name of this phishing campaign
- Remove permissions for Google Docs.
- After this, you’ll stop receiving these emails but you’ll continue receiving normal emails from your contacts.
Many organizations have taken precautionary measures to be safe from this phishing campaign as this can steal their confidential data and email address. People are requested to be aware while clicking on unknown links on Gmail. You can refer to Google’ statement about how to avoid phishing attacks and run the security checks for your Google account.
Google has taken necessary measures to safeguard its users from this phishing campaign by taking necessary measures. They have removed fake pages and disabled offending accounts and have spread a notification stating about such an activity. If you think you have been a victim of this and have clicked on the fraudulent link then follow the above steps and you’ll be out of this fraud.