04 May 2017

Google Docs phishing attack

Over the past few days, an international phishing campaign targeting Gmail users has been underway.

Many Gmail users are receiving an invitation to join a Google Doc from a friend in their contacts list. This link directs the user to google.com, while also giving the attacker access to the user's email inbox. This allows the attacker to read, send and delete emails, and communicate with the user's contacts. Google has since disabled this attack, though thousands of people have reported clicking on the link already.