UPDATE: 5.3.17 6:30PM  As of 5:30PM EST Google has fixed the issue that caused a worldwide sophisticated phishing attack today.

Google spokesperson reports, “We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again.”

This Google docs phishing email worked like this: You get an email saying someone added you to a Google Doc; click this link to view it. That takes you to a legitimate account screen, listing all the Google accounts you’re logged into. From there, you choose the one you want to use to view the document (or log in, if you weren’t already authenticated in your browser). There, a malicious service called “Google Docs” awaits, asking for privileges to access your account, your contacts, your password rests, your emails, everything.

Both Google and Denison ITS are working on cleaning up any account who has “Google Docs” showing as an app connected to your Denison account.  However, ITS recommends that you also take the following action to verify your account.

If you already clicked this type of link today (or any day), go to the Permissions page of your Google account and revoke access to the service called “Google Docs.”  Then, we recommend that you change your password.

source: google, www.wired.com, www.theverge.com

---

5.3.17 3:30PM ITS has received a flood of reports of scam email messages from Denison accounts titled “(Denison Account) has shared a document on Google Docs with you”. Please DO NOT click the “Open in Docs” link in this message. ITS is working to block these scam messages. If you did click on this link, please follow the steps in this FAQ including changing your BigRedID password immediately: http://apps.denison.edu/helpdesk/faq3422.