Google Docs Phishing Scam: Users Deceived By New Phishing Attack

By Vianne Ilagan, Christian Post Contributor

Users of Google Docs were hit with a widespread scam on Wednesday. The scam comes in the form of a false invitation to edit a Google Doc, which brings users to a Google sign-in page when clicked.

The sophisticated malware or phishing attack seems to be spreading like wildfire over the internet since Wednesday, as more and more users reported receiving the email. The subject line states that a document has been shared with the user. Since the subject line states that the document has been sent by one of the user's trusted contacts, it makes it look like a legitimate email. Once the user clicks the "Open in Docs" button, the malware brings them to a legitimate Google sign-in screen, asking if they would like to continue in Google Docs.

Clicking "Continue" means the user is granting the creator of the malware access to all their contacts and email, making it easier for them to distribute the spam to the user's contacts as well.

Get Our Latest News for FREE

Subscribe to get daily/weekly email with the top stories (plus special offers!) from The Christian Post. Be the first to know.

Right now, Google continues to encourage users to immediately report the phishing email if they receive it. The technology company has already released a statement on the issue, saying that it is investigating the scam. It has already taken measures to prevent the scam from spreading, disabling all the offending accounts and fake pages.

"We've removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again," said Google.

Despite the company's efforts in neutralizing the phishing scheme, however, large-scale phishing attacks prove to be omni-present, stalking the internet and pretending to be popular services like Google.

According to PhishMe's chief technology officer Aaron Higbee, every security technology vendor is ill-equipped to handle phishers who fool users into granting permissions to third-party applications. "The importance of this phish is not how it spread, but rather how it didn't use malware or fake websites tricking users to give up their passwords," he said.

Google has yet to confirm how many users have been affected by the recent scam.

Was this article helpful?

Help keep The Christian Post free for everyone.

By making a recurring donation or a one-time donation of any amount, you're helping to keep CP's articles free and accessible for everyone.

$25/month$50/quarter$100/yearOne-time

We’re sorry to hear that.

Hope you’ll give us another try and check out some other articles. Return to homepage.