Beware: Google Document Phishing Scam

Google is warning all to not open a phishing scam e-mail being currently sent out. The sophisticated looking e-mail will look like it’s coming from an e-mail address that you may recognize. There is one key giveaway to recognize these e-mails: The mail is sent to a fake email address in the main recipient field — hhhhhhhhhhhhhhhh@mailinator.com. Your address is included in the BCC field.

Google Docs Phishing Scam Image

According to a tweet by Google, make sure you immediately report this e-mail as a Phishing attempt via Gmail and then delete. Do not open any attachments, click on the link, or respond to the sender. Google is in the midst of investigating where this phishing scam originated and how to stop it from happening again in the future. Read more on how to report an e-mail within Gmail.

Gmail Tweet

When users click on the file, the fake Google Docs will seek permission to access your account. Users who click on the link and follow through with the process should go to Google’s account permissions to deny access.
Phishing is generally carried out via e-mail, but can also happen via websites, ads, etc.. It means that an internet hacker is trying to convince you to share your personal information online, like credit card information, social security numbers, banking information and more. Read more about phishing scams and how to avoid them. If an e-mail looks suspicious, don’t open it!

e-mail on phone

Here are some additional e-mail “Safe Sending” Tips:

  • Do not send personal messages from your corporate account
  • Do not forward company emails or corporate data to your personal account
  • Always remember that email is not private
  • Check with the sender before opening attachments
  • Do not send sensitive information over email
  • Respect email laws and regulations
  • Know the difference between public and private information!

Read more about the phishing scam.

 

Update: May 4th, 2017, 4:00 pm

Google has addressed the issue and it should be re-mediated. If you think you were affected, follow this link: http://g.co/SecurityCheckup

See the tweet from Google