Beware of the Google Docs Scam – How to Protect Yourself

Profile image for indrajeet
May 15, 2017 | Views: 3010

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

google doc scam

Did someone share a Google Doc with you? If yes, you might be one of the millions of internet users who fell victim to this scam campaign.

In the last few days, a lot of people received emails from their contacts with a seemingly normal and legitimate invitation to view a Google document  which says that the person [sender] “has shared a document on Google Docs with you.”  It might even appear to have been sent from one of your known friends, family members, or colleagues – lulling you into a false sense of security.

Once the link is clicked, you will be redirected to a page which says, “Google Docs would like to read, send and delete emails, as well access to your contacts,” asking your permission to “allow” access.  Seems normal right? Google often asks for these types of permissions in other areas, plus the window kept the same theme of the typical Google Permissions request.

But, here is the catch. It’s a fake app! The app, Google Docs, is actually a guy named Eugene Pupov trying to trick you. Click the blue “Google Docs” link to get more info on the app:

Since the app will allow access to “manage your contacts” and “read, send, delete, and manage email”, it gives the attacker full access to your Inbox. It also allows the attacker to propagate the scam by sending the same email to all of your contacts.

In short, anything linked to a compromised Gmail account is potentially at risk and even if you enabled two-factor authentication, it would not prevent hackers from accessing your data (since you gave them direct access through permissions).

Now, What do you do if you’ve already fallen, victim?

If you fell victim to this scam, then you need to remove permissions given to the app.

  • Go to your Gmail accounts permissions settings at https://myaccount.google.com and Sign-in.
  • Go to Security and Connected Apps.
  • Search for “Google Docs” from the list of connected apps and Remove it. It’s not the real Google Docs

Though these types of scams can be scary, don’t loose hope. Stay informed and keep your guard up. If you’re suspicious of the invitation or attachment in an email, just ask the person who sent it if it is actually something you are supposed to open. If they don’t know what you’re talking about then just delete the email and save yourself trouble down the road.

I hope this information helped you. Thanks and good luck.

Share and Earn Cybytes
FacebookTwitterGoogle+LinkedInEmail
Save
+1
17
0
Use Cybytes and
Tip the Author!
Join
Share and Earn
Cybytes
FacebookTwitterGoogle+LinkedInEmail
Ready to share your knowledge and expertise?
Be the Best at Whatever You Do.
We Have the Tools to Get You There.
Visit the NEW Marketplace of Over 500 Skill Enhancement Tools.
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

Cybrary|0P3N

A “Noob’s” Guide to Ransomware
Views: 2400 / September 23, 2017
Dark Network Guide!
Views: 3452 / September 22, 2017
UNM4SK3D: SEC, APT33, and CCleaner
Views: 1661 / September 22, 2017
Penetration Testing Flash Applications
Views: 1735 / September 22, 2017
Skip to toolbar
[close]
Cybrary works best if you switch to our Android-friendly app
Continue

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel