Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsDid Someone Just Share a Random Google Doc With You? DO NOT CLICK ANY LINKS IN IT.
Journalists in newsrooms across the United States are swapping warnings about what appears to be a widespread phishing attack, sent via a particularly sneaky invitation to a fake Google Doc.
The scope of the attack is not limited to news organizations, but appears to be spreading on a massive scale through peoples contacts. If youre concerned your account has been compromised, you can go to Googles security page to adjust permissions. (Look for manage apps, and revoke access to untrusted apps.)
Several IT experts are describing the attack as huge, startlingly fast-moving, and perplexing. Just in the course of writing this short post, I received two separate emails that appear to be part of the attack. In one Reddit thread, where people are trading information about the attack, someone describes the scam as almost undetectable. But there are clues to look out forboth of the suspicious emails I received were sent to an odd email address, hhhhhhhhhhhhhhhh@mailinator.com, with me blind-copied.
There are two big reasons why this thing is so tricky. For one, it looks legit: An invitation to view a Google Document appears to come from an existing contact. But when a person clicks on the link, the attack immediately replicates itselfmeaning, it has the potential to spam all of that persons contacts with the same message. The second reason its so tricky is that its unclear what the attack is attempting to do. Phishing is often a way for bad actors to gain unauthorized access to a persons email or other private accounts, but its not yet clear whats motivating this attack.
The scope of the attack is not limited to news organizations, but appears to be spreading on a massive scale through peoples contacts. If youre concerned your account has been compromised, you can go to Googles security page to adjust permissions. (Look for manage apps, and revoke access to untrusted apps.)
Several IT experts are describing the attack as huge, startlingly fast-moving, and perplexing. Just in the course of writing this short post, I received two separate emails that appear to be part of the attack. In one Reddit thread, where people are trading information about the attack, someone describes the scam as almost undetectable. But there are clues to look out forboth of the suspicious emails I received were sent to an odd email address, hhhhhhhhhhhhhhhh@mailinator.com, with me blind-copied.
There are two big reasons why this thing is so tricky. For one, it looks legit: An invitation to view a Google Document appears to come from an existing contact. But when a person clicks on the link, the attack immediately replicates itselfmeaning, it has the potential to spam all of that persons contacts with the same message. The second reason its so tricky is that its unclear what the attack is attempting to do. Phishing is often a way for bad actors to gain unauthorized access to a persons email or other private accounts, but its not yet clear whats motivating this attack.
https://www.theatlantic.com/technology/archive/2017/05/did-someone-just-share-a-random-google-doc-with-you/525279/?utm_source=atltw
InfoView thread info, including edit history
TrashPut this thread in your Trash Can (My DU » Trash Can)
BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks)
4 replies, 3924 views
ShareGet links to this post and/or share on social media
AlertAlert this post for a rule violation
PowersThere are no powers you can use on this post
EditCannot edit other people's posts
ReplyReply to this post
EditCannot edit other people's posts
Rec (5)
ReplyReply to this post
4 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
Did Someone Just Share a Random Google Doc With You? DO NOT CLICK ANY LINKS IN IT. (Original Post)
CousinIT
May 2017
OP
Coventina
(27,064 posts)2. Our campus was hit with this today. It is VERY REAL!!!
K&R
oasis
(49,335 posts)3. Thanks. k and r
SchrodingersCatbox
(89 posts)4. Simple rule
Don't open any attachment you're not expecting