Google Doc Phish

Google Doc phish Example & ways to Identify

There is a google doc phish going on and it seems to be very wide-spread. This new threat is hitting most major organizations.  As often happens, the message makes its way through spam filters and the untrained users make the virus spread like wildfire.

Once someone clicks the link, it hijacks their account and spams their contact list.

A few major indicators that this is a phish;

  • The recipient’s address was :  hhhhhhhhhhhhhhhh@mailinator.com
  • If you hovered over the link you would have seen the URL was hidden and they used a shortener that read something like the following; (we intentionally broke this link so nobody clicks it)
    •  https:\\goo.gl\rG6YsW

 

Google Doc Phish

Edit** This is the alert we received and notified our people about on April 28th….. A week before anyone else. Google claimed to have quickly shut down the attack an hour after they noticed a week later.  All PeopleSec users avoided this attack  😛