The Google phishing scam relies on an email that looks to be from the company, coming through Gmail and relating to Docs. But in fact it is the work of an unknown scammer who is using the attack to take control of people’s emails accounts and maybe their most personal data.
It all relies on clicking on a link from an email that seems to have been sent by a friend. Anyone who has clicked on a Google Doc link recently could be a victim of the attack.
If you haven’t yet clicked the link
First, it’s worth making sure you haven’t. If there’s any chance that you might have done – which is to say, if you’ve opened any Google Docs links recently – then you should assume that you might be affected and follow the relatively simple steps below.
But if you definitely haven’t, then the main thing to do is to remain vigilant.
First, click on any Google Docs links that you’re not absolutely certain are legitimate – confirm through some other means with the person sending them that they intended to. If you don’t ever click on such a link, then you can’t fall victim to one.
And make sure that everyone else you know is vigilant about such scams, too. Also remember that if they are, they probably won’t be opening any Google Docs invites you send them – if you need to share something, either let them know an invite is coming or preferably send it through some other means for now.
If you think you might have clicked the link
Firstly, don’t panic. The potential effects of the scam are huge – but it’s also relatively easy to undo much of the damage.
If there’s any chance that you think you might have been hacked, then follow the steps below. There’s no danger done by doing so even if you haven’t in fact become part of the attack.
Now head to Google’s My Account page, and head to the app permissions options. You’ll be looking to remove the very bad but legitimate looking “Google Doc” from having any permissions – if it’s there, and has a relatively recent authorised date, then you know that something’s up.
Once it’s kicked out of your account, the control the scam has over your account will be stemmed – it will no longer be able to read your email or send out the invites.
But its aftereffects may continue. And so you should do what you can to prevent those, too.
First, inform anyone that is in control of your network. In most workplaces and universities hit by the attack – which is targeting corporate email accounts using Google software as well as Gmail ones – there will be someone in IT or the network team who can help and ensure that the institution’s computers are kept safe.
Second, get in touch with anyone you think you might have secretly sent the link to and share this article with them, to ensure that they too can stay safe. Don’t spam your contacts, of course – but make sure that they are safe.