How to identify the email and what to do if you become infected by it…
What is the Google Docs Virus? According to Fortune.com Tech Writer, Jeff John Roberts,
A sinister email is making the rounds in which the sender—someone you know, in some cases—invites you to click on a Google Docs link.
The email, of course, isn’t actually from who it says it’s from, but is instead a phishing email intended to trick you into clicking a link.
The offending email and attached file is usually a Google Doc, but PDFs have also been found.
According to Time Magazine Tech Writer, Aric Jenkins,
This scam is more convincing than most — the email takes users who click on the file to a legitimate Google sign-in screen to grant permissions, so it’s no surprise to see widespread reports of the hacking across social media platforms like Twitter.
Because the scam appears to target everyone in the victim’s address book, it didn’t take long before more reports from people outside of the media world began to flood in.
Video explaining how to Identify:
How to avoid infection:
- It’s simple… If an email looks to good to be true or suspicious in any way (extra characters, typos, etc), DON’T click on it! Just delete the email. Don’t forward or reply to it. JUST DELETE IT.
- If you haven’t already, make sure you have two-factor authentication (2FA) set up on your accounts. This is a security check which detects an unfamiliar computer and will ask you to provide an extra temporary password before you can log-in. For information on how to setup 2FA on your accounts, visit http://fortune.com/2017/03/02/security-2-factor-authentication-hackers-stalkers/
- Make sure your Anti-virus definition is turned on and up-today.
How will it affect you:
The hacker will gain access to your entire Gmail account. They will in turn spam or infect EVERYONE you’ve ever emailed. It may also contain a program that will be harmful to your device.
What to do if you become infected by it:
If you did click on the nasty link, change you passwords immediately. Then, go to your Google account settings here, which will allow you to revoke access to apps—including the fake Google Docs one.
- click on My Account in your Google Suite (9 squares in the upper right-hand corner)
- under Sign-in & security, click on Connected apps & sites.
- Look for suspicious Google Docs app and make sure ‘Allow less secure apps’ is set to ‘OFF’.
If you are in need of technical help, please visit our Local Area Computer Technicians site.
What is Google doing about it:
Fortune has contacted Google to ask about the nature of the scam, and who may be behind it. The company has now responded with this statement:
“We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”
Here is Google’s follow-up statement:
“We realize people are concerned about their Google accounts, and we’re now able to give a fuller explanation after further investigation. We have taken action to protect users against an email spam campaign impersonating Google Docs, which affected fewer than 0.1% of Gmail users. We protected users from this attack through a combination of automatic and manual actions, including removing the fake pages and applications, and pushing updates through Safe Browsing, Gmail, and other anti-abuse systems. We were able to stop the campaign within approximately one hour. While contact information was accessed and used by the campaign, our investigations show that no other data was exposed. There’s no further action users need to take regarding this event; users who want to review third party apps connected to their account can visit Google Security Checkup.”
We are here to help!
‘Connecting Rural Minnesota’