Users under threat as phishing attack hits Gmail

Users under threat as phishing attack hits Gmail

Self-replicating malware takes over Google accounts

Gmail users have been warned that their accounts may be vulnerable following a phishing attack sweeping the internet, allowing cyber criminals to gain control of email accounts.

Google confirmed the attack via social media, with the scam accessing personal details and information.

“We are investigating a phishing email that appears as Google Docs,” a company statement on Twitter read. “We encourage you to not click through, & report as phishing within Gmail.”

Two hours later, the tech giant said that it had addressed the issue by blocking the malicious document, with the attacking coming in the form of an email sent to users which includes an invitation to open a shared Google Document.

The link is a fake which when executed, opens a self-perpetuating internet worm.

Users are then required to log into their Google accounts by the malware, which doesn't ask for a password and appears to bypass two-factor authentication if set up and signing in alerts.

After logging in, the fake Google Docs app then requests access to the user's Google accounts.

If users allow access, the worm will read contacts and attempt to send itself out to them to affect more users. Reports also say the program is accessing affected users email accounts and the information within.

Google is warning users who have already allowed access to the malicious Google Docs to remove the application in Google settings.

While the origin of the attack and the identity of the culprits is unclear at this stage, there have been reports that the messages appear to have been sent via the Mailinator throw-away email service, with no other malicious properties apart from self-replication.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Googlecyber crimeGmailpasswordsDocs



How MSPs can capitalise on integrating AI into existing services

How MSPs can capitalise on integrating AI into existing services

​Given the pace of change, scale of digitalisation and evolution of generative AI, partners must get ahead of the trends to capture the best use of innovative AI solutions to develop new service opportunities. For MSPs, integrating AI capabilities into existing service portfolios can unlock enhancements in key areas including managed hosting, cloud computing and data centre management. This exclusive Reseller News roundtable in association with rhipe, a Crayon company and VMware, focused on how partners can integrate generative AI solutions into existing service offerings and unlocking new revenue streams.

How MSPs can capitalise on integrating AI into existing services
Access4 holds inaugural A/NZ Annual Conference

Access4 holds inaugural A/NZ Annual Conference

​Access4 held its inaugural Annual Conference in Port Douglass, Queensland, for Australia and New Zealand from 9-11 October, hosting partners from across the region with presentations on Access4 product updates, its 2023 Partner of the Year awards and more.

Access4 holds inaugural A/NZ Annual Conference
Show Comments