Google Docs spam is making the rounds, so take heed before you read

Update

We have taken action to protect users against an email impersonating Google Docs and have disabled offending accounts. We've removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.

4:00 ET

After looking at a few of these and seeing investigations from others on Twitter, we have a clearer picture of what's happening.

It appears that a third party developer has created a service that uses your Google login to authenticate. Somehow this service was able to use the name Google Docs. Attachments that need you to authorize this service are being sent using previously phished Google accounts, and upon clicking you'll be asked to give access to things like reading and sending an email (so more phishing emails can be sent) as well as access to your account. While this should be a huge red flag to anyone, it's likely working well for the people doing the account phishing.

Google is aware so we expect this to stop being a thing shortly. For now, don't authorize any service and visit your MyAccount page and disconnect access to anything named Google Docs

The original post is below.

Have you checked social media lately? There's a bit of buzz making the rounds about Google Docs spam popping up in people's inboxes. The spam comes as an email attachment from even the most legitimate Google Docs users, including educational institutions and other professional organizations that rely on the document-storing cloud service.

MASSIVE phishing attempt via @Google Docs going on right now!! If you get invited to open a doc, DON'T CLICK IT!MASSIVE phishing attempt via @Google Docs going on right now!! If you get invited to open a doc, DON'T CLICK IT!— Chad Wingerd (@ChadWingerd) May 3, 2017 May 3, 2017

I just got an email from my daughter's school, with malware embedded in a Google Doc. I can't help but like Google even less now.I just got an email from my daughter's school, with malware embedded in a Google Doc. I can't help but like Google even less now.— Vernon E. L. Smith (@VernonEL) May 3, 2017 May 3, 2017

Here's your official public service announcement to please check the attachments before you open them; Check the address of the person who sent it, and maybe even give the person a call to ask if they sincerely meant to send along a PDF.

There are very few details about what the malware contained actually does and where it originated, but we've reached out to Google for more information.

Florence Ion was formerly an editor and columnist at Android Central. She writes about Android-powered devices of all types and explores their usefulness in her everyday life. You can follow her on Twitter or watch her Tuesday nights on All About Android.

Latest

Google Pixel 6 Pro lying on the forest ground with its back shown off

Android 16 Developer Preview 1 supports the Pixel 6 and Pixel 6 Pro — here's why it matters

See more latest ►

Get the top Black Friday deals right in your inbox: Sign up now!

Most Popular