时间:2024-09-20 08:13:37 来源:网络整理编辑:休閑
A sophisticated phishing attack is racing across the internet, and may already have hit your inbox.
A sophisticated phishing attack is racing across the internet, and may already have hit your inbox.
The definitely not-legit email disguises itself as an official message from Google alerting you that someone wants to share a Google Doc with you. Notifications of this sort are common and often wouldn't raise an eyebrow.
However, clicking through this particular link and taking the requested steps will open up your inbox — and potentially everyone on your contact list — to an as-of-yet unknown attacker.
Tweet may have been deleted
And, like we said, the link looks real — complete with a little "Open in Docs" blue box.
DON'T CLICK.Credit: mashableTweet may have been deleted
Just how widespread is this? Numerous reporters at Mashable have received the same phishing email, as have students at Columbia University— as a warning email sent out by a member of the Philosophy department shows. The scam may have even hit the Capitol.
Oops.Credit: MashableTweet may have been deleted
Google confirmed that it is aware of the problem and is looking into it.
According to one Reddit user, once a victim clicks on the fake Google Doc link, he or she is taken to a real Google page prompting you to select an account. After that, they are taken to a new page asking that they allow "Google Docs" to access the account.
Just don't.Credit: Jake SteamIf you click "allow," the attacker can access your account. And all your contacts will likely soon receive a fake Google Doc invite from you.
So, how to tell if that latest Google Doc your friend shared is real or fake? Thankfully, there are a few tell-tale warning signs. First, real Google Doc invites look different than the recent fake. Here's a legit one for comparison:
Lunch!Credit: MashableNotice the Google address at the bottom? And the box border formatting? The fake Google notification doesn't have that.
Second, expand the dropdown option in the menu bar next to the sender's name. Below is a real Google notification for a shared Google Doc.
Credit: mashableLastly, the spam email is also addressed to "[email protected]," which is an account with the disposable email service Mailinator.
If you did happen to click on the malicious link and allowed attackers into your account, you can revoke that access relatively easily. First, go to your Google permissions page. There you will find a list of all the apps that have account access. One app, titled Google Docs, is the offender. Revoke its permission immediately, and then change your password.
Tweet may have been deleted
So now that you know what's up, pay extra attention to any Google Docs coming your way. And, well, to anything asking you to click a link and enter your password or share account permission.
TopicsCybersecurityGoogle
Sound the alarms: Simone Biles finally met Zac Efron2024-09-20 07:44
七年之癢?克洛普的利物浦2023年聯賽0勝&足總杯出局 原因如下2024-09-20 07:36
Apple Vision Pro: Watch these 3 Tesla drivers use it in the wild2024-09-20 07:23
今日賽事 :英超(曼聯vs利茲聯)2024-09-20 07:18
Fake news reports from the Newseum are infinitely better than actual news2024-09-20 06:46
原創 世界羽聯宣布2023年至2026年巡回賽將增加四站賽事!!!2024-09-20 06:36
意甲 :薩索洛 VS 桑普,薩索洛主場出戰 ,狀態還不錯2024-09-20 06:12
周三足總杯 :曼聯強於西漢姆聯,曼聯VS西漢姆聯,謝菲聯VS熱刺2024-09-20 05:49
Early Apple2024-09-20 05:38
2023年印尼羽毛球大師賽2024-09-20 05:28
Tourist survives for month in frozen New Zealand wilderness after partner dies2024-09-20 07:35
女雙有優勢 混雙有統治力 男雙有希望——國羽世界巡回賽總決賽綜述2024-09-20 07:13
全力備戰巴黎奧運會│馬來西亞羽毛球公開賽 中國隊奪兩冠一亞2024-09-20 07:08
2023年世界羽聯巡回賽賽程表2024-09-20 06:52
Fake news reports from the Newseum are infinitely better than actual news2024-09-20 06:27
原創 2023世界羽聯全年觀賽指南2024-09-20 06:08
體壇快訊(2023.2.28)2024-09-20 06:06
原創 3.1賽事分析 :法國杯 足總杯 英超 利物浦vs狼隊2024-09-20 05:57
Fiji wins first2024-09-20 05:50
“紅”“藍”爭冠格局不變——20222024-09-20 05:40