时间:2025-04-26 20:20:18 来源:网络整理编辑:焦點
A sophisticated phishing attack is racing across the internet, and may already have hit your inbox.
A sophisticated phishing attack is racing across the internet, and may already have hit your inbox.
The definitely not-legit email disguises itself as an official message from Google alerting you that someone wants to share a Google Doc with you. Notifications of this sort are common and often wouldn't raise an eyebrow.
However, clicking through this particular link and taking the requested steps will open up your inbox — and potentially everyone on your contact list — to an as-of-yet unknown attacker.
Tweet may have been deleted
And, like we said, the link looks real — complete with a little "Open in Docs" blue box.
Tweet may have been deleted
Just how widespread is this? Numerous reporters at Mashable have received the same phishing email, as have students at Columbia University— as a warning email sent out by a member of the Philosophy department shows. The scam may have even hit the Capitol.
Tweet may have been deleted
Google confirmed that it is aware of the problem and is looking into it.
According to one Reddit user, once a victim clicks on the fake Google Doc link, he or she is taken to a real Google page prompting you to select an account. After that, they are taken to a new page asking that they allow "Google Docs" to access the account.
If you click "allow," the attacker can access your account. And all your contacts will likely soon receive a fake Google Doc invite from you.
So, how to tell if that latest Google Doc your friend shared is real or fake? Thankfully, there are a few tell-tale warning signs. First, real Google Doc invites look different than the recent fake. Here's a legit one for comparison:
Notice the Google address at the bottom? And the box border formatting? The fake Google notification doesn't have that.
Second, expand the dropdown option in the menu bar next to the sender's name. Below is a real Google notification for a shared Google Doc.
Lastly, the spam email is also addressed to "[email protected]," which is an account with the disposable email service Mailinator.
If you did happen to click on the malicious link and allowed attackers into your account, you can revoke that access relatively easily. First, go to your Google permissions page. There you will find a list of all the apps that have account access. One app, titled Google Docs, is the offender. Revoke its permission immediately, and then change your password.
Tweet may have been deleted
So now that you know what's up, pay extra attention to any Google Docs coming your way. And, well, to anything asking you to click a link and enter your password or share account permission.
TopicsCybersecurityGoogle
This coloring book is here for all your relationship goals2025-04-26 20:13
官方 :亞足聯宣布江蘇FC退出亞冠 韓泰兩隊直接晉級2025-04-26 19:59
薩德欲與哈維續約兩年保留巴薩條款 後者隻願簽一年2025-04-26 19:58
滬媒:申花隊內加練成風 馮瀟霆瘦一圈曾誠瘦10斤2025-04-26 19:57
Twitter grants everyone access to quality filter for tweet notifications2025-04-26 19:53
女足奧預賽韓國主場恐瘋狂進攻 中國隊備戰按部就班2025-04-26 18:53
央視網:範誌毅們就講了幾個火爆段子 不必上綱上線2025-04-26 18:40
米蘭VS曼聯前瞻 :伊布複出戰舊主 桃園德比決一死戰2025-04-26 18:19
Donald Trump's tangled web of Russian influence2025-04-26 18:10
官方:2022U23亞洲杯於2022年9月6日在烏茲別克斯坦舉行2025-04-26 17:41
Researchers create temporary tattoos you can use to control your devices2025-04-26 20:16
埃弗拉入選科特迪瓦國家隊或迎首秀 恐推遲歸隊報到2025-04-26 20:00
國足熱身山東泰山當陪練 今年俱樂部需全力支持國家隊2025-04-26 19:57
C羅又被曼聯拒絕 ! 專家 :皇馬可與他簽1年短合同2025-04-26 19:24
U.S. government issues warning on McDonald's recalled wearable devices2025-04-26 19:02
國足熱身山東泰山當陪練 今年俱樂部需全力支持國家隊2025-04-26 18:42
津門虎外援蘇亞雷斯收到FIFA裁定 完成解約恢複自由身2025-04-26 18:33
曝卡爾德克已隨深足訓練 此前回重慶為安頓家務2025-04-26 18:30
Whyd voice2025-04-26 18:09
亞冠6月21日開踢海港或遇魔鬼賽程 國足賽後需立即動身2025-04-26 17:35