Google Docs phishing scam — here’s how to protect yourself

A sophisticated phishing scam has tricked hundreds of unsuspecting email users into opening fake Google Docs links.

Reports on Wednesday suggest large numbers of people have clicked invites to view a fake Google Docs file. While this isn’t uncommon, this particular scam has been successful due to the invite looking remarkably similar to the real deal.

After clicking the document users are being transported to a new portal that also does a good impression of a Google.com URL.

Users are being asked to confirm which of their Google accounts they would like to use to read the file. Once that’s confirmed, it appears the attacker gains access to the Google account, meaning emails, contacts, documents and more.

This isn’t just some ‘Nigerian prince’ type scam, this is so sophisticated even a number of web-savvy tech journalists were caught out on Wednesday.

Here’s what the attack looked like in real time:

https://twitter.com/statuses/859843151757955072

Even though this is a sophisticated attack that can easily fool an unsuspecting user, there are a couple of easy ways to avoid this.

If you receive an unexpected email from an unknown contact featuring an invite to edit a Google Doc, the best policy is just to delete it immediately.

There’s also a telltale sign that its a scan: The sender’s email address is ‘hhhhhhhhhhhhhhhh@mailinator.com’. Unless this person had really mean parents, that’s not a real person.

In a statement, Google says the accounts associated with the scam have now been disabled and the fake pages have been removed, which should take care of things.

The company wrote: “We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts.

“We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”

If you’ve been scammed, we’d recommend an immediate password change to lock out the attackers as quickly as possible.

Have you been caught out by the phishing scam? Share your tale of woe in the comments below.