On May 3, 2017, a fresh email scam swept through millions of inboxes: millions of Gmail users received a message suggesting that a friend or colleague had shared a Google Doc with them.
Early reports indicated that the scheme was geared toward journalists, with up to 150 illicit messages being sent per minute; Google eventually reported that up to 0.1% of its one billion active accounts were affected. The email, which appeared to be addressed to an address like [email protected] with specific addresses listed under BCC, tricked users into thinking a real document had been shared with them and asked them to click on an “Open in Docs” button. That led to a page that asked for permission to access a user’s Google Drive and contact list—another click would then lead to the fake email being sent out to everyone in the affected person’s address book.
If You Fell for the Gmail Phishing Scam, Here’s What You Need to Do Next
If you fell for the scam, don’t worry—the damage was quickly mitigated, as Google disabled accounts connected to the offending email and stemmed the phishing tide within one hour. Google released the following statement:
“We have taken action to protect users against an email spam campaign impersonating Google Docs, which affected fewer than 0.1% of Gmail users. We protected users from this attack through a combination of automatic and manual actions, including removing the fake pages and applications, and pushing updates through Safe Browsing, Gmail, and other anti-abuse systems. We were able to stop the campaign within approximately one hour. While contact information was accessed and used by the campaign, our investigations show that no other data was exposed. There’s no further action users need to take regarding this event; users who want to review third-party apps connected to their account can visit Google Security Checkup.”
Aside from email contact lists and third-party app permissions, it’s not clear what other kinds of information scammers were after. But in this day and age, an event like this demonstrates that anyone is vulnerable to cyberattack, and any Google user should use this as motivation to review their privacy settings and enhance their online protections by reviewing the following steps:
If you’re not sure how to perform these actions, or afraid that doing so could impact your day-to-day operations, contact CMIT Solutions immediately.
1) Change your Google password! This is the easiest way to quickly enhance personal security. Visit myaccount.google.com, click on “Signing in to Google,” click on “Password,” and change it to something unique, with a mix of upper- and lower-case letters, numbers, and unique symbols that add up to a password longer than eight characters.
2) Activate two-factor authentication. Even if hackers did manage to steal important information using this scam, two-factor authentication, which requires both a password and a unique code delivered to you via text message or email, would prevent them from compromising your account. From myaccount.google.com, click on “Signing in to Google” again, then click on “2-Step Verification” and enable it. If 2FA is available on any of your accounts, use it!
3) Perform a Google Security Checkup. Recommended by Google’s technicians, this process checks your settings and activity to ensure that you have approved the third-party apps and other plug-ins that can access your Google account. If scammers got into your account and changed any settings, you can block them using this process. Click myaccount.google.com/secureaccount and follow along as everything is double-checked. It’s a good idea to perform this a few times a year, particularly after any newsworthy scams occur.
4) If you receive further suspicious emails, report them as junk or spam to your email hosting service or IT provider. Every Gmail user who immediately received the Google Docs scam and reported it as junk to Google helped them quickly identify and resolve the problem. Even the best technology requires smart, savvy human beings whose insight and intelligence can help things work properly.
If you fell for this phishing attempt or are concerned about the security of your email account, contact list, laptops, desktops, smartphones, or other systems, contact CMIT Solutions now. We worry about IT so you don’t have to, and our North American network of more than 160 locations and 800 technicians work 24/7 to prevent our clients from being negatively impacted by phishing attempts, scams, hacks, data breaches, malware, viruses, and more.