Google’s online file service, Google Docs, has been targeted by scammers using a fake email message.
Google has shut down the phishing email, which impersonated its service in an attempt to gain access to Google account holders’ contacts information.
According to online reports, including a detailed user thread on Reddit, the recipient was asked to click on a link in the email – which looked identical to genuine Google Docs emails – that took them to a site asking them to grant account permissions to a fraudulent app calling itself ‘Google Docs’.
If the user agreed, the app would then send copies of the original email to the users’ contacts.
Spotting a scam
One sign that the email was not genuine came from it being directed to the address firstname.lastname@example.org, with the recipient only blind-copied in to the email.
Checking the sender address, gauging if the email is too impersonal to be genuine and being contacted out of the blue are just some signs that can help you spot if the email you have received is a phishing scam email or not.
Phishing emails usually try to trick you into giving your personal details to steal personal information or money from you.
Taking action against scams
Google said that while the scam accessed and used contact information, no other data was apparently exposed.
The scam attempt was halted in about an hour as Google disabled offending accounts, removed fake pages and updated its Safe Browsing feature.
Users are not required to take any additional action, but Google is encouraging those who want to be extra safe to run its security check feature, which can be found on the ‘My Account’ page.