A widespread phishing scam is hitting email accounts and IT experts are warning the public to be vigilant.
Wednesday afternoon, many people reported receiving emails from people who they may or may not know, claiming to share a Google Document, but the public is instructed to not open the email and immediately delete them.
Lucas Koenig, Chief Technology Officer at Kerber Rose in Shawano, says the goal of the scam is to gain access to your account information and all they need from you is to click on the link.
“This one’s a little more complicated, but from what I’ve been reading it gains access to your real account and puts a Google Docs app into your Google account, and it gives them access to your accounts, so [scammers] can send emails and do whatever they want.”
“It’s very widespread,” said Susan Bach, Regional Director at the Wisconsin Better Business Bureau in Appleton. “There’s a good chance that every person will receive at least one of these and if you click on the notification, you’ve probably given access to your email contacts, so you in turn will be sending this kind of spam to your contacts. That’s why it has grown so rapidly.”
For those who may have already clicked on the email link, Koenig says the first step is to immediately change the password to your Google account.
“They need to go into their security in their Google account and just look for any connected apps called Google Docs and if it is in there remove it,” Koenig explained. “It’ll never be called Google Docs in the app and that’s the reason they named it that, to try to fool people.”
To avoid this type of email scam in the future, Koenig recommends using a two-factor authentication because if you were to click on the link, it would require a second authentication method to gain access to your account rather than immediately being able to log in.
This type of phishing scam isn’t anything new, as the Better Business Bureau received complaints in 2015.