A Gmail phishing attack had users fooled for a time this week.

The attack revolved around Gmail users receiving an email from a contact on their trusted contact list asking them to open a Google Doc. From there they were asked to grant permissions to a fake third-party Google app named “Google Docs”.

That allowed the hackers to manage the user's email account as well as their contacts. From there they were able to send out more phishing emails to those contacts, so the attack spread quickly.

The phishing attack was sent through the email address “hhhhhhhhhhhhhhhh@mailinator.com”, using an account from a free email service provider.

According to reports, over a million users were affected.

On their Twitter feed https://twitter.com/googledocs the company said steps have been taken to protect Gmail users against the phishing email and that the accounts used to launch the exploit have been shut down.

Google has also said its “abuse team is working to prevent this kind of spoofing from happening again.”

Google is also encouraging users to check their account security settings and remove any apps they don’t recognize or no longer need. You can do that by going to https://g.co/SecurityCheckup

We encourage business owners to make sure their employees are trained on how to spot phishing emails. Here are some tips:

  1. As in this case, the message contains a strange or mismatched URL.
  2. The URLs contain a misleading domain name.
  3. The message contains poor grammar and spelling.
  4. An offer in the email appears to be too good to be true.
  5. The message asks for personal information.
  6. Your employee did not initiate contact with the person or company the email claims to be from.
  7. You’re asked to send money. (We know of one case where a local business manager replied to an email supposedly from her boss to wire transfer thousands of dollars to an account; luckily, they contacted their bank and were able to stop the transfer before any money was sent.)
  8. The message contains unrealistic threats, mainly around banking and money matters.
  9. The message appears to be from a government agency.
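The first two tips (a mismatched URL and a misleading domain name) are the ones a mail filter can check mechanically. The script below is an added example, not code from the original post or from Google: it pulls every link out of an HTML email body, flags links whose visible text names one domain while the `href` points at another, and flags hosts that borrow a trusted brand name (including digit-for-letter substitutions such as "g00gle") without belonging to a trusted domain. The trusted-domain list, the sample messages and the "last two labels" notion of a registrable domain are all assumptions made for the example; a real deployment would use a public-suffix list and its own allow-list.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed allow-list for the example; a real filter would maintain its own.
TRUSTED_DOMAINS = {"google.com", "docs.google.com", "accounts.google.com"}

# Digits commonly swapped in for letters in lookalike hostnames.
_HOMOGLYPHS = str.maketrans("0135", "oles")


class _LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def extract_links(html):
    parser = _LinkExtractor()
    parser.feed(html)
    return parser.links


def registrable_domain(host):
    # Simplification: treat the last two labels as the registrable domain.
    # This is wrong for suffixes like co.uk; use a public-suffix list in practice.
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def mismatched_url(href, text):
    """True when the visible text names a host but the href leads elsewhere."""
    shown = re.search(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,})", text, re.I)
    if not shown:
        return False  # plain-language link text, nothing to compare
    actual = urlparse(href).hostname or ""
    return registrable_domain(shown.group(1)) != registrable_domain(actual)


def lookalike_domain(host, trusted=TRUSTED_DOMAINS):
    """True when a trusted brand name appears in a host outside the trusted domains."""
    host = host.lower()
    if registrable_domain(host) in {registrable_domain(d) for d in trusted}:
        return False
    brands = {registrable_domain(d).split(".")[0] for d in trusted}  # e.g. "google"
    normalized = host.translate(_HOMOGLYPHS)  # g00gle -> google
    return any(brand in normalized for brand in brands)


def scan_message(html, trusted=TRUSTED_DOMAINS):
    """Return a list of human-readable findings for one HTML email body."""
    findings = []
    for href, text in extract_links(html):
        host = (urlparse(href).hostname or "").lower()
        if mismatched_url(href, text):
            findings.append(f"mismatched link: shows '{text}' but goes to {host}")
        if lookalike_domain(host, trusted):
            findings.append(f"lookalike domain: {host}")
    return findings


# Constructed sample messages for the example (not real phishing samples).
SAMPLE_MESSAGES = {
    "mismatched": '<p>Alice shared a document. '
                  '<a href="https://share.google-account-verify.example/open">'
                  'https://docs.google.com/document/open</a></p>',
    "legit": '<p>Your invoice is ready. '
             '<a href="https://accounts.google.com/signin">Sign in</a></p>',
    "homoglyph": '<p><a href="http://g00gle-docs.example/x">Open in Google Docs</a></p>',
}

if __name__ == "__main__":
    for name, body in SAMPLE_MESSAGES.items():
        print(name, "->", scan_message(body) or ["clean"])
```

Run as a script it prints one line per sample; the first sample trips both checks, the homoglyph one only the lookalike check, and the genuine sign-in link neither. The checks deliberately err on the side of flagging: they are triage aids for a reviewer, not a verdict.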