Posted by Amy Ewald
As many of your heard, there is a new phishing scam out there and it has to do with Google Docs. Unless you are 100% positive that the document is in fact real, do NOT open it. The best part of it is, an ethical hacker by the name of Eugene Pupov claims he did it by mistake. Whether it was a mistake or not, the emails come mostly from a domain named malinator.com. They look like this:
What does the attack do? It asks you to grant permission to your email, and if you accept it can go through your email and and find your contacts and send it out to more people from your account. It will look like it came from you, so be aware of any emails you may get from people you know. If you are remotely unsure if that email you received from a person you know has a Google Doc attached to it, send them a separate email asking them if they actually sent you a document. They may be infected and not know it! If they are infected tell them they need to notify people!
How can you protect yourself? Be suspicious of ANY email that looks like it could be a phishing attack. If you are wondering what that looks like, check out my previous blog article here. Do NOT authorize any apps to have permission to your gmail account. Check to see what apps already have authorization to your Google account and if they don’t look like something you accepted remove access. There is an article on how to do this on Google’s website here. They have addressed the issue and if you think you have been affected, please click here to find out what Google advises you do to correct the issue.