{"id":316532,"date":"2017-05-04T15:35:23","date_gmt":"2017-05-04T15:35:23","guid":{"rendered":"http:\/\/citifmonline.com\/?p=316532"},"modified":"2017-05-04T15:35:23","modified_gmt":"2017-05-04T15:35:23","slug":"google-docs-users-hit-by-phishing-scam","status":"publish","type":"post","link":"https:\/\/citifmonline.com\/2017\/05\/google-docs-users-hit-by-phishing-scam\/","title":{"rendered":"Google Docs users hit by phishing scam"},"content":{"rendered":"
Google says it has stopped a phishing email that reached about a million of its users.<\/p>\n
The scam claimed to come from Google Docs – a service that allows people to share and edit documents online.<\/p>\n
Users who clicked a link and followed instructions, risked giving the hackers access to their email accounts.<\/p>\n
Google said it had stopped the attack “within approximately one hour”, including through “removing fake pages and applications”.<\/p>\n
“While contact information was accessed and used by the campaign, our investigations show that no other data was exposed,” Google said in an updated statement.<\/p>\n
“There’s no further action users need to take regarding this event; users who want to review third party apps connected to their account can visit Google Security Checkup.”<\/p>\n
During the attack, users were sent a deceptive invitation to edit a Google Doc, with a subject line stating a contact “has shared a document on Google Docs with you”.<\/p>\n
The email address hhhhhhhhhhhhhhhh@mailinator[.]com was also copied in to the message; Mailinator, a free email service provider has denied any involvement.<\/p>\n
If users clicked on the “Open in Docs” button in the email, they were then taken to a real Google-hosted page and asked to allow a seemingly real service, called “Google Docs”, to access their email account data.<\/p>\n