Google Quickly Resolves a Major Gmail Phishing Scam

Posted on May 4, 2017 by Paul Thurrott in Cloud with 10 Comments

Google Quickly Resolves a Major Gmail Phishing Scam

Hackers have launched a sophisticated phishing attack against users of Google’s Gmail service. So be on the lookout for an invite to share a Google Docs document.

The good news? Google says it has moved quickly to protect customers.

“We have taken action to protect users against an email impersonating Google Docs and have disabled offending accounts,” a Google statement explains. “We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”

We use Gmail through G Suite at Thurrott.com, and while I’ve not exactly experienced this scam, Brad has.

You can read more about the scam on Reddit. But the good news is that it appears to be over.

Here’s an updated statement from Google.

“We realize people are concerned about their Google accounts, and we’re now able to give a fuller explanation after further investigation. We have taken action to protect users against an email spam campaign impersonating Google Docs, which affected fewer than 0.1 percent of Gmail users. We protected users from this attack through a combination of automatic and manual actions, including removing the fake pages and applications, and pushing updates through Safe Browsing, Gmail, and other anti-abuse systems. We were able to stop the campaign within approximately one hour. While contact information was accessed and used by the campaign, our investigations show that no other data was exposed. There’s no further action users need to take regarding this event; users who want to review third-party apps connected to their account can visit Google Security Checkup.”

You may also recall that I documented basic online account security earlier this year.

 

Tagged with ,

Elevate the Conversation!

Join Thurrott Premium to enjoy our Premium comments.

Premium member comments on news posts will feature an elevated status that increases their visibility. This tab would allow you to participate in Premium comments with other premium members. Register to join the other Premium members in elevating the conversation!

Register or Subscribe

Join the discussion!

BECOME A THURROTT MEMBER:

Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Register

Register for this Webinar

How Replication Supports Your Company’s RTOs & RPOs
Join us for this free webinar

Can you have your workloads running within the agreed RTOs? Join this webinar with expert speakers from Veeam to exceed business objectives with an RPTO<15 min for ALL of your application and data.

Thursday, December 14, 2017 at 11 a.m EST