Google has scrambled to stop a scam email doing the rounds, which fools victims into handing over their accounts.
The email appears to be an invitation to open a Google Docs link. Anyone who clicked the link was taken to a page which looked exactly like the real thing. Accepting the invitation gave the hacker access to the victim's account.
"We are investigating a phishing email that appears as Google Docs. We encourage you to not click through, & report as phishing within Gmail," Google said on Twitter.
If you received an unexpected invitation to view a Google Doc, there are two clues to look out for:
- the invitation is from an account named 'hhhhhhhhhhhhhh', but the email address belongs to someone who has emailed you before
- the developer information, shown when you click on the app's name, reveals it is made by firstname.lastname@example.org - not Google.
Giving the hacker access to your account bypasses other security measures you might have, including passwords and two-factor authentication. The email then gets forwarded on to everyone in your Gmail contacts list.
"We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts," Google said after being alerted to the scam.
"We've removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again."
Some Gmail users expressed disbelief that Google's own spam protection failed to stop the emails getting into users' inboxes.
A similar scam led to the infamous Hillary Clinton email scandal, after Democratic National Committee head John Podesta clicked on a link he shouldn't have.