Don’t click that Google Docs link! Gmail hijack mail spreads like wildfire : The Register

SUBSTRATUMS

Rogue app grabs contacts, peeks at inbox, spams everyone.

phishingFinal update If you get an email today sharing a Google Docs file with you, don’t click it – you may accidentally hand over your Gmail inbox and your contacts to a mystery attacker.

The phishing campaign really kicked off in a big way on Wednesday morning, US West Coast time. The malicious email contains what appears to be a link to a Google Doc file. This leads to a legit Google.com page asking you to authorize “Google Docs” to access to your Gmail account.

Except it’s not actually the official Google Docs requesting access: it’s a rogue web app with the same name that, if given the green light by unsuspecting marks, then ransacks contact lists and sends out more spam. It also gains control over the webmail account, including the ability to read victims’ messages and send new ones…

View original post 74 more words

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s