Warning: Major Google Docs phishing attempt underway!

We are warning all Palante clients to be careful about opening any remotely suspicious Google Docs emails today. If you're not sure it's legit, either do not click the link OR forward it to us to double-check!

EDITED 2:15pm PT/5:15pm ET: Google Docs just posted this statement to their official Twitter account:

Official Google Statement on Phishing Email: We have taken action to protect users against an email impersonating Google Docs & have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.

POSTED EARLIER: There is a very nasty, very convincing Google Docs email scam spreading like wildfire across the internet right now. An email is sent to you with a convincing-looking link asking you to log into your Google account to access a Google Doc from a friend. However, the email is forged, the link is fake and the form allows the scammers to steal your Google account password! At that point, the scammers access your account and send a similar email to your contacts, allowing the scam to spread and more accounts to be compromised.

This is called a phishing attempt, and it happens all the time; however, this one is spreading very quickly and is VERY convincing.

Below is a screenshot of what you'll see if you click on the scam link, shared by a colleague:

Screenshot of Google Docs phishing page

If you believe that you have already clicked on one of these links and entered your Google account information, here are steps you can take right away to help minimize damage:

  1. Change your Google password immediately!
  2. If it's not on already, turn on 2-factor authentication for your Google account.
  3. Check your Google "Apps connected page" and remove any suspicious, unfamiliar or unwanted apps.
  4. Log out all Google sessions.
  5. Warn coworkers, colleagues and friends to not open similar emails.
  6. Contact the tech support provider who usually helps with these kinds of email or security issues ASAP. (That may be us at Palante!)

We will continue to update this message with additional details and revisions as the situation progresses!

Quick list of useful articles & accounts of what's happening, many frequently updated:

Tags: 

Add new comment