Sophisticated Google Docs Phishing Scam Targets Gmail Accounts
A phishing email attack targeting Google users impacted organizations and individuals across the country. Reports indicate that Google has shut the attack down, but not before as many as 1 million users were affected.
The message sent yesterday looks very authentic, appears to be sent by a "trusted" contact, and asks the recipient to open a Google Doc. After the recipient opens the link, Google's login and permissions page asks them to grant the fake Docs app the ability to "read, send, delete and manage your email", as well as "manage your contacts". Once the permissions are granted, the attacker gains access to the Gmail account and to any sensitive information contained in stored messages. The phishing emails are then redistributed using the user's contact list.
The messages can be identified by the recipients section, which shows they were sent to "firstname.lastname@example.org" along with others who were Bcc'd.
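
For administrators reviewing which apps users have already authorized, the following added example (not part of the original article) flags OAuth grants that hold the two permissions quoted above, and rates them higher when the app name borrows a Google product name. The record fields follow the Admin SDK Directory API token resource (`userKey`, `clientId`, `displayText`, `scopes`); the approved-client list, the protected-name list and all sample records are assumptions constructed for illustration.

```python
import re

# Scope URLs behind the two consent prompts quoted in the article.
RISKY_SCOPES = {
    "https://mail.google.com": "read, send, delete and manage your email",
    "https://www.google.com/m8/feeds": "manage your contacts",
}
# Assumption: product names an unreviewed app should not be borrowing.
PROTECTED_NAMES = ("google docs", "google drive", "gmail")
# Assumption: placeholder client IDs your organisation has reviewed.
APPROVED_CLIENT_IDS = {"approved-client.apps.example"}


def normalize(name):
    """Lower-case and collapse punctuation/spacing: 'Google  Docs!' -> 'google docs'."""
    return re.sub(r"[^a-z0-9]+", " ", name.lower()).strip()


def audit_grants(grants):
    """Return one finding per unapproved grant that holds a risky scope."""
    findings = []
    for grant in grants:
        if grant["clientId"] in APPROVED_CLIENT_IDS:
            continue
        # Scope strings may or may not carry a trailing slash.
        held = {s.rstrip("/") for s in grant["scopes"]}
        risky = sorted(held & set(RISKY_SCOPES))
        if not risky:
            continue
        lookalike = any(p in normalize(grant["displayText"]) for p in PROTECTED_NAMES)
        findings.append({
            "user": grant["userKey"],
            "clientId": grant["clientId"],
            "app": grant["displayText"],
            "grants": [RISKY_SCOPES[s] for s in risky],
            "severity": "high" if lookalike else "review",
        })
    return findings


# Constructed sample records, not taken from any real tenant.
SAMPLE_GRANTS = [
    {"userKey": "alice@example.org", "clientId": "constructed-1.apps.example", "displayText": "Google Docs", "scopes": ["https://mail.google.com/", "https://www.google.com/m8/feeds"]},
    {"userKey": "bob@example.org", "clientId": "approved-client.apps.example", "displayText": "Mail Merge Tool", "scopes": ["https://mail.google.com/"]},
    {"userKey": "carol@example.org", "clientId": "constructed-2.apps.example", "displayText": "Calendar Helper", "scopes": ["https://www.googleapis.com/auth/calendar.readonly"]},
    {"userKey": "dave@example.org", "clientId": "constructed-3.apps.example", "displayText": "Inbox Cleaner", "scopes": ["https://mail.google.com/"]},
]

if __name__ == "__main__":
    for f in audit_grants(SAMPLE_GRANTS):
        print(f["severity"], f["user"], f["app"], f["grants"])
```

A "high" finding is a grant to revoke first; a "review" finding holds the same access without the look-alike name and still deserves a check against the approved list.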