05/03/2017

Did Someone Just Share a Random Google Doc With You?

Don't click the link

Journalists in newsrooms across the United States are swapping warnings about what appears to be a widespread phishing attack, sent via a particularly sneaky invitation to a fake Google Doc.

The scope of the attack is not limited to news organizations, but appears to be spreading on a massive scale through people’s contacts. If you’re concerned your account has been compromised, you can go to Google’s security page to adjust permissions. (Look for “manage apps,” and revoke access to untrusted apps.)

Several IT experts are describing the attack as huge, startlingly fast-moving, and perplexing. Just in the course of writing this short post, I received two separate emails that appear to be part of the attack. In one Reddit thread, where people are trading information about the attack, someone describes the scam as “almost undetectable.” But there are clues to look out for—both of the suspicious emails I received were sent to an odd email address, hhhhhhhhhhhhhhhh@mailinator.com, with me blind-copied.

Please click here to read the complete article from The Atlantic.