If you received an invitation from someone to edit a file via Google Docs, and you don’t recognize the name, don’t open it. It could be a phishing scam and a potential computer virus.
On Tuesday, a clever email phishing scam quickly spread across the internet and is masked as an invitation to edit a Google Doc. The body of the email contains a blue button that says “Open in Docs.” The details of the phishing scam were posted to the Google channel on Reddit.
When you first see the email, you may think someone is sending you a Google Doc invite. If you click the button, you are taken to a page that appears to be a real login screen. If you log in, phishers could gain access to your email and address book and potentially install malware on your computer.
What makes this email phishing scam sophisticated is that it takes you to an actual Google page that has been manipulated in a way to allow phishers to collect your data. Twitter user Zach Latta posted a GIF of the new phishing scam to look out for.
— Zach Latta (@zachlatta) May 3, 2017
By clicking the link, there’s a chance you have granted access to a third-party, non-Google web application that may have already sent spam messages to people in your address book.
How to check for suspicious third-party apps in your Google account
If you think you may have clicked on a suspicious link recently, you can check. Google has a simple tool that allows users to manage web apps that are connected to your account. You can easily revoke access to these apps if you see one that you don’t recognize. To do this, visit Google’s Connected Apps and Sites page and remove apps and sites you don’t recognize.
While it is unclear how many users have been affected by this phishing virus, it’s best to pay close attention to your emails with invites from suspicious names.