Google Quickly Resolves a Major Gmail Phishing Scam


Hackers have launched a sophisticated phishing attack against users of Google’s Gmail service. So be on the lookout for an invite to share a Google Docs document.

The good news? Google says it has moved quickly to protect customers.


“We have taken action to protect users against an email impersonating Google Docs and have disabled offending accounts,” a Google statement explains. “We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.”

We use Gmail through G Suite at Thurrott.com, and while I’ve not exactly experienced this scam, Brad has.

You can read more about the scam on Reddit. But the good news is that it appears to be over.

Here’s an updated statement from Google.

“We realize people are concerned about their Google accounts, and we’re now able to give a fuller explanation after further investigation. We have taken action to protect users against an email spam campaign impersonating Google Docs, which affected fewer than 0.1 percent of Gmail users. We protected users from this attack through a combination of automatic and manual actions, including removing the fake pages and applications, and pushing updates through Safe Browsing, Gmail, and other anti-abuse systems. We were able to stop the campaign within approximately one hour. While contact information was accessed and used by the campaign, our investigations show that no other data was exposed. There’s no further action users need to take regarding this event; users who want to review third-party apps connected to their account can visit Google Security Checkup.”

You may also recall that I documented basic online account security earlier this year.

 


Conversation 10 comments

  • chaad_losan

    04 May, 2017 - 10:15 am

    I got the email. I immediately deleted it. I don't use Google Docs nor requested any access to one. Nice to see Google step up and stop it before it got bad.

  • Martin Pelletier

    Premium Member
    04 May, 2017 - 11:13 am

    That's one thing I like from Google. They take security seriously. They take actions very fast not like Microsoft sometimes. I wish they could force their OEMs using Android to push all the updates needed to secure the phones on the market.

  • Waethorn

    04 May, 2017 - 11:20 am

    Another common problem is if you're sharing a G Suite document on a website with read-only access, expect to get a lot of unsolicited requests for editing permissions.

    I'm also going to call out Google for something that I don't like about Gmail: the Spam folder gets a lot of very obvious phishing scam emails and even viruses, that are both indicated as such by their filter warnings. This stuff should be blocked by default on Google's end. Not a single virus should ever have delivery completed to the end-user.

    • Jeff Jones

      04 May, 2017 - 2:13 pm

      In reply to Waethorn:

      Your Gmail inbox is still technically on Google's end, but I understand what you were getting at. I would guess they don't block it completely just in case they get a false positive or in case the user wants to see all the spam and crap that is getting filtered.

  • siko

    04 May, 2017 - 11:45 am

    Someone claiming Google taking security seriously, should really see the bigger picture with so many unpatched, half-finished and poorly written apps, sites and even an OS (Android) that Google has laying around, with no plans or support for updating or fixing. So glad I got out of Gmail, back to outlook.com.

    • Nicholas Kathrein

      Premium Member
      04 May, 2017 - 1:58 pm

      In reply to siko:

      Wow! This comes off like an Apple fan boy comment. I'd say a Microsoft fan boy but this comment is so far past that I had to go Apple fan boy. You really should do some research before retelling of FUD. Google has one of the best security groups in all of tech. They spend untold amount of money on bug reward programs across all their products and even other companies' products, as Microsoft has had MAJOR holes that Google has reported to them.

  • skane2600

    04 May, 2017 - 11:54 am

    The important lesson here is that even if you use a cloud-only device such as the original Chromebook, you are still subject to being compromised. Of course Chromebooks that run Android apps expose users to even more issues.

  • CaedenV

    04 May, 2017 - 2:30 pm

    .1% of users my foot!

    We caught wind of it pretty early yesterday and were able to take steps to protect ourselves before the emails started flooding in. But almost everyone I know fell for this thing. It was huge, and it was everywhere. If I had to make a dumb guess I would say it affected a good 5-10% of active users.

  • YouWereWarned

    04 May, 2017 - 11:40 pm

    I love the padlock providing the appearance of security.

  • brettscoast

    Premium Member
    05 May, 2017 - 12:34 am

    Well, kudos to Google/Gmail for acting quickly to stop this in its tracks from what could become a major issue for Gmail users' accounts. I have to add that Gmail does a very good job of filtering spam/unsolicited emails from users' inboxes also. I wish some ISPs would do the same.
