recommended reading

Threatwatch

Think Twice About Accepting Shared Google Docs

Credential-stealing malware

An incredibly fast-moving phishing attack started hitting Gmail inboxes Wednesday.

Victims—who at first seemed to be journalists—receive what looks like an invitation to view a Google Doc from a known contact that instead replicates the attack to their address books, according to The Atlantic.

Clicking the link lets the attacker read, send and delete emails on a victim’s behalf without having login details, Recode reported. Two-factor authentication or changing a password doesn’t disable the attack; instead, users have to remove what looks like a Google Doc app from their account management pages. (Here’s Google’s recommended security check.)

The attack didn’t affect the real Google Docs program; it merely spoofed it. Google said it will be taking steps to prevent such trickery in the future and it also disabled the accounts associated with this specific attack.

sector

Web Services

reported

May 3, 2017

reported by

The Atlantic

number affected

Unknown

location of breach

Unknown

perpetrators

Unknown

location of perpetrators

Unknown

date breach occurred

Unknown

date breach detected

Unknown