If anyone has despatched you a 'Shared Google Document,' simply do not open it.
Replace: It sounds as if that Google has revoked get entry to to the OAuth consumer.
A phishing attack that unfold like wildfire among Google customers seems to be underneath regulate. According to Reddit user in touch with a Google Engineer, the factor has been resolved.
Simply the similar, in the event you obtain an e-mail asking you to percentage a Google report at this time, do not open it with out first confirming that it is from a official source, despite the fact that you assume you already know the e mail cope with. Name, textual content, or ship a separate e-mail to ensure it is from that individual.
The exploit works by way of sending you an e mail with an attachment or link named "Shared Document" or "Shared Google Document." While you click on on it, you are going to be redirected to what seems like a Google Pressure web page, the place you are going to be triggered to go into your password. For those who do input your password, you are going to give permission to the exploit to get entry to your e-mail content material and contacts.
This attack would possibly seem for your inbox from an e-mail cope with you understand, or it would come with CCs to contacts you realize. It sounds as if that the attack is a malicious OAuth consumer that positive aspects get entry to to a individual's Google cope with e-book, at which level the phishing message can be despatched to everybody in that individual's contacts.
From a remark on Hacker News:
Its a malicious OAuth consumer (more than one shoppers?) that fooled consumer into giving get right of entry to to learn emails, whilst pretending to turn as though it used to be wanted via GDocs itself to get right of entry to a Record, enabling release of amongst different issues password resets on different web sites. In case you are operating any web site that has "Reset my password" its now not compromised, since despite the fact that the attacker does now not have get entry to to password, the attacker had get right of entry to to e-mail inbox. Thus the reset go with the flow will permit attacker to compromise different web pages that depend on Gmail account.
If the exploit good points get entry to for your content material, it may probably have get entry to to different apps you're signed in together with your Google account credentials.
Should you obtain an e-mail from anyone that has a "Shared Google Document" link or attachment, despite the fact that it is from anyone you already know, simply delete it. In case you are anticipating a percentage record from anyone, touch them first thru textual content, phone name, or a separate e-mail to verify that the report is, certainly from the individual you assume it is from.
In case you assume you'll have already been inflamed with the virus, you will have to in an instant trade your password. You will have to additionally move to Google's security checkup and scan your Account Permissions segment to take away an app called "Google Doctors" or "Google Chrome" (with the Google emblem subsequent to it), It is now not a actual app. You will have to be capable of determine if it is a pretend app by way of noting the time of the authorization date. If the time is inside of the time frame that you simply clicked on the inflamed link, it is almost certainly the pretend one and also you will have to revoke permissions.
Finally, you will have to ship person emails, texts, or phone calls to folks on your cope with guide to allow them to know that your account would possibly were compromised and that they should not open any shared Google paperwork from you.