Google’s Latest Phishing Hack

Early last month, Google fell under attack in a huge phishing operation.

Many received an email that looked similar to an invitation to join a Google Doc from someone they knew on their mailing list. However, once they clicked the link to open the file, you were then directed to grant access to an app that looks like Google Docs. Instead, this was actually a program that sends spam emails to everyone you have previously mailed.

Specifically, this spam email included the following:

  • Used the name “Google Docs”
  • Used the existing Google login system
  • Bypassed any 2 factor authentication or login alerts
  • Only detectable as fake if you click “Google Docs’ while granting permission
  • Replicates itself by sending itself to all your contacts

This process of sending an email to trick someone into granting access into their personal information is called phishing. It is usually done for malicious reasons, just like stealing a credit card information or tricking someone into sharing their password.

Google released an official statement in which they mention they did indeed resolved the issue. They have removed the fake pages, updated all of their Safe Browsing preferences and system. As a result, they continue to encourage their uses to report phishing emails within their Gmail.

If you have or ever do receive an email like this, do not open it. Always remember to:

  • Change your password every three months
  • Make sure your passwords are long with lower and upper cases letters, as well as special characters such as several symbols and/or numbers
  • Make yourself familiar with the style and fonts and specific uses of Google Docs as it can be incredibly helpful when needed to detect a fake.