Google Docs Scam

Google Docs phishing scam: what you need to know

If you check your email inbox and find an invitation to edit a file in Google Docs, don’t open it: it could well be a phishing scam. The email can come from a stranger or from someone you know. Clicking on the link takes the user to a real Google sign-in screen, which then offers another link that reads “Continue to Google Docs.” Clicking this second link allows malicious third-party software to access the user’s account and gives it free access to the email archive and address book within. The third party then forwards the email on to all of the contacts in the address book, allowing the scam to spread.

This sophisticated phishing scam targets users by impersonating Google, one of the most trusted names in the online community. The emails look very similar to standard Google Docs invitations and are easy to mistake for the real thing. Google worked swiftly and took action to protect users on Wednesday, May 3. The internet giant also pushed updates through Safe Browsing and tasked an abuse team with preventing this kind of attack from ever happening again. Even so, the phishing emails are still floating around out there, so use extreme caution when opening an invitation from Google Docs.

Here is what you need to know:

  • If you click the email invitation link, it will take you to a real, Google-hosted page.
  • Next, it asks you to allow a third-party app named “Google Docs” access to read, send, delete and manage your email and contacts.
  • Once “ALLOW” is clicked, the third-party app, masquerading as Google Docs, will have access to all of your email account information.
  • This phishing scam is very well done and can fool even the most cautious of clickers.
  • The best way to check if your invitation is legitimate is to right-click on the link and inspect the developer’s information. If it is an individual and not Google, you’re likely looking at the phishing scam.

Afraid you have already clicked on the scam? Here’s how to check:

  • If you have clicked the link, then your account has likely sent out spam messages to the people in your address book.
  • If you have, you can revoke future access to your account through Google’s “Connected Apps and Sites” page. Here, the app will appear as “Google Docs”.
  • From this page, you can remove this app from your account.
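
For anyone reviewing connected apps across many accounts, the two warning signs described above (an app calling itself “Google Docs” whose developer is not Google, and access to mail and contacts) can be checked in code. The Python below is an added example, not part of the original article or of any Google tool; the grant record layout, the trusted-publisher list and the sample data are assumptions constructed for illustration.

```python
import unicodedata

# Real Google OAuth scopes matching what the page says the app requested:
# full Gmail access (read, send, delete, manage) and contacts.
MAIL_SCOPE = "https://mail.google.com/"
CONTACTS_SCOPE = "https://www.googleapis.com/auth/contacts"

# Assumptions for this example: publishers we trust, names worth protecting.
TRUSTED_PUBLISHERS = {"Google LLC"}
PROTECTED_NAMES = {"google docs", "google drive", "gmail"}


def normalise(name):
    """Fold compatibility characters, case and spacing before comparing names."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return " ".join(folded.split())


def assess_grant(grant):
    """Return the reasons a connected-app grant deserves review (may be empty)."""
    if grant["publisher"] in TRUSTED_PUBLISHERS:
        return []
    reasons = []
    if normalise(grant["app_name"]) in PROTECTED_NAMES:
        reasons.append("name impersonates a Google product")
    if {MAIL_SCOPE, CONTACTS_SCOPE} <= set(grant["scopes"]):
        reasons.append("third party holds full mail and contacts access")
    return reasons


def grants_to_revoke(grants):
    """Client ids of grants showing both signs of the scam app."""
    return [g["client_id"] for g in grants if len(assess_grant(g)) == 2]


# Constructed sample records; layout, ids and publishers are made up.
SAMPLE_GRANTS = [
    {"client_id": "constructed-001", "app_name": "Google  Docs",
     "publisher": "someone@example.com",
     "scopes": [MAIL_SCOPE, CONTACTS_SCOPE]},
    {"client_id": "constructed-002", "app_name": "Google Docs",
     "publisher": "Google LLC",
     "scopes": ["https://www.googleapis.com/auth/drive"]},
    {"client_id": "constructed-003", "app_name": "Mail Merge Helper",
     "publisher": "Example Tools Ltd",
     "scopes": [MAIL_SCOPE, CONTACTS_SCOPE]},
]

if __name__ == "__main__":
    for g in SAMPLE_GRANTS:
        print(g["client_id"], assess_grant(g) or "ok")
    print("revoke:", grants_to_revoke(SAMPLE_GRANTS))
```

A grant that shows only one of the two signs, like the third sample record, is not listed for revocation but is still worth a manual look.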