Yesterday, Millions of people are attacked by a Phishing email sent from none other than their friends.This mail contained an simple document file requesting you to open on Google Docs, Since, it will look like an invite from your friend, chances are, you clicking that option.But, When you clicked on the option, then it will redirect you to google.com, to request some permissions. When you clicked on the Allow button, then BOOM! your account will be Compromised, and all your data will be at risk.
Because, the application you allowed access was programmed to read all emails,view your contacts,and send emails , delete emails without having your login information..!
Though Google claims to have stopped this attack, a report shows, nearly a half of the million people had already clicked on the option "Open in Docs", before google officially stopping the attack.
What if, you (or) Your friend became one of the victims of the above attack ??. Simple, your data will be at risk and may be circulating on the dark web now..
Here is an post that will be helpful in recovering yourself from the Google Docs phishing attack..
Do, this steps,
1) Visit https://myaccount.google.com/permissions , this will take you to the page that shows list of apps you had gave permissions to operate from your gmail account
2) Now, if you see Google Docs, on that list, then Click on it, and revoke the app from accessing your account.
3) The apps permission will be now revoked, that doesn't mean you are safe now.!
4) You are safe, only when you changed your password, so change that into something strange or harder to guess and if possible enable two step authentication, to protect yourself from this and future attack ( enabling 2 step verification will make google to send a text message to your registered Mobile number, Only after you had entered the received code, you or any one will be allowed to login or access your account,So enable that option, for better security advantage)
If you hadn't received any mail, then you are safe, but makesure you are not clicking the email from the mail claiming to be from friend to open in Google Docs, because this malicious emails all may appear to come from your contact, but when you look close, they were actually from the address“firstname.lastname@example.org” with recipients BCCed..
Only you can save yourself , My friend.!
How to recover from " Open in Google Docs" Phishing Attack happened on 03 May 2017
4/ 5Oleh Logesh Waran