It’s getting hard to tell what’s a legitimate email and what’s not. The latest phishing scam has already victimized thousands of people.
The scam involves a notification from someone (usually someone you know) that a Good Document has been shared with you. If you use Google Docs, this type of notification probably isn’t unusual.
Once you click on that document link, you will be brought to a page that asks you to a Google sign in screen that asks you to sign into your Google account. The screen is a legitimate Google screen, so it is not possible to tell whether or not you are being scammed.
Here’s where things get sticky. If you click on that link, you are granting authorization for a third-party to access your Google account. Uh-Oh.
How to Stop the Phishing Scam
Here’s the hard part. Google knows about the scam but the company hasn’t stopped it yet. Google is working on stopping the scam, though, so it should be put to rest sometime within the next few days. In the meantime, what can you do to prevent someone from stealing all of your Google information and reading through your emails?
If you know who would be sending you a Google Docs link, you can only click on links from those people that you do know. Granted, if someone you know has an account that has been compromised, that person may appear to be sending you something legitimate, but it might not be authentic at all.
That aside, if you aren’t a person that uses Google Docs and don’t know anyone that would normally send you Google Docs, simply don’t click on those links. Unfortunately, hackers that use these scams tend to prey on people that do not know not to click on links that seem suspicious. For those that do, Google is asking people to report any Google Docs links that do not seem to be legitimate.
How Google is Responding
Google is shutting down any accounts that appear to be sending out fake Google Docs links or requests. By shuttering these accounts, Google hopes that the phishing scam will be stopped. The scam seems to be targeting journalists more than other people, but that could also be because journalists are reporting this issue while other people may not be aware of it.
Unfortunately, phishing scams are becoming more and more sophisticated. So much so that it’s hard to tell what is and isn’t legitimate. Another popular phishing scam is happening via text message right now. That scam includes a text seemingly sent by a person’s bank and asking for banking details. The text is false, but a lot of people have already sent in these details not realizing the harm in doing so.
I can’t say it enough times: make sure that you know what you are clicking on. Even if it looks like someone you know is sending you a link or a Google Document, double check. Call or text that person to make sure that the link is real, and never give out information that a company should already have (like your bank).
Once these hackers gain access to your inbox or your personal details, they can really access any information that you have on your computer - and most of us have a lot.