What This Vulnerability Alert Is About
Reported yesterday, an "unusually sophisticated" phishing campaign is targeting people who use Gmail email accounts from Google.
How This Is Spread
Users are receiving emails from people they know or trust and are being asked to click on an attached Google Docs (GDocs) file. Clicking on that file takes them to a real Google security page. Users then are asked permission by the app (posing as the Google Doc) to manage the user's email account. Once the app has control of the account, it spreads itself to all of the user's contacts, reproducing itself.
What You Need to Know or Do
Don't open emails/attachments that you aren't expecting. Be especially cautious with emails containing a Google Docs attachment. Avoid bypassing any security warning presented to you. Report the phishing attempt to Google via GMail.
What Is the Resolution?
Google has taken action to address the issue. If you suspect you have become infected, report this to Google at g.co/SecurityCheckup and contact your managed services provider immediately.
Find More Information About This Vulernability
Need an IT Managed Services Provider?
If you are on Florida's Gulf Coast--from Tampa to Naples--and you have 10 or more users, please contact Entech by clicking on the blue button below.