Gmail users have been warned that their accounts may be vulnerable following a phishing attack sweeping the internet, allowing cyber criminals to gain control of email accounts.
Google confirmed the attack via social media, with the scam accessing personal details and information.
“We are investigating a phishing email that appears as Google Docs,” a company statement on Twitter read. “We encourage you to not click through, & report as phishing within Gmail.”
Two hours later, the tech giant said that it had addressed the issue by blocking the malicious document, with the attacking coming in the form of an email sent to users which includes an invitation to open a shared Google Document.
The link is a fake which when executed, opens a self-perpetuating internet worm.
We've addressed the issue with a phishing email claiming to be Google Docs. If you think you were affected, visit https://t.co/O68nQjFhBL. pic.twitter.com/AtlX6oNZaf
— Google Docs (@googledocs) May 3, 2017
Users are then required to log into their Google accounts by the malware, which doesn't ask for a password and appears to bypass two-factor authentication if set up and signing in alerts.
After logging in, the fake Google Docs app then requests access to the user's Google accounts.
If users allow access, the worm will read contacts and attempt to send itself out to them to affect more users. Reports also say the program is accessing affected users email accounts and the information within.
Google is warning users who have already allowed access to the malicious Google Docs to remove the application in Google settings.
While the origin of the attack and the identity of the culprits is unclear at this stage, there have been reports that the messages appear to have been sent via the Mailinator throw-away email service, with no other malicious properties apart from self-replication.
