News

Google Docs Phishing Attempts Under Investigation

Gmail has confirmed that it is investigating reports of Google Docs-based phishing attacks.

Published May 3, 2017

 (Shutterstock)
Image Via Shutterstock

On 3 May 2017, reports of Google Docs phishing attacks surfaced.

Initial stories suggested that journalists were the primary target of the purported Google Docs vulnerability, but subsequently released information suggests that no particular group of users were at risk. Reports widely reference an origin e-mail address of "hhhhhhhhhhhhhhhh@mailinator.com," with others copied on the message.

Vice was one of the first outlets to cover the rumors:

A massive phishing campaign targeting Google accounts is ripping through the internet right now.

Several journalists, as well as people working in other industries, have said they've received emails containing what looks like a link to a Google Doc that appears to come from someone they know. These, however, are malicious emails designed to hijack your account.

At approximately 4:15 P.M. Eastern Time, GMail sent a tweet confirming they were investigating reports of a vulnerability and warned users to be on alert:

Zach Latta of HackClub.com tweeted a series of tips for users who believed they were infected by the phishing attack:

Google has advised people with security concerns to review their Google permissions for unauthorized apps, including one called "Google Docs".

Sources

Franceschi-Bicchierai, Lorenzo.   "Someone Is Spreading a Massive Google Doc Phishing Email Right Now."     Motherboard.   3 May 2017.

Mullin, Benjamin.   "Journalists Fight Back Against Massive Phishing Attack."     Poynter.   3 May 2017.

Kim LaCapria is a former writer for Snopes.

Article Tags