Recently, reports have been circulating the internet of phishing attempts that mimic Google Docs authentication emails to gain access to user’s computers. The offending emails will appear to be from someone on your contacts list and will contain what appears to be a link to a Google Doc. When you click on this link, you will be giving a third-party program permission to access your computer, which can have devastating consequences.
This type of attack is part of a troubling trend in phishing techniques that is steering away from fake websites and keyloggers and is instead trying to trick you into accessing a program. The most troubling thing about this new scam is that the emails appear to be authentic google docs emails, meaning that these scammers are likely using dummy accounts to send the fraudulent links. Google has stated that it is in the process of closing this leak, and their teams have been attempting to quarantine accounts that have sent scam attempts.
As more information is found about this new Phishing technique, and those like it, we will be adding to this blog post and our existing library of security tips to include ways to safely avoid them.