Recently an email has been making rounds among Google users, which as per several complaints by the users has hacked their accounts once they clicked the link in the mail that appears as a Goole Docs invite, reported Reuters. Moreover, the mail is coming from familiar contacts of a user, which makes it more difficult to trace it as a spam.
Alphabet has issued a public warning via Twitter about this spam mail, saying, “We are investigating a phishing email that appears as Google Docs. We encourage you to not click through and report as phishing within Gmail.”
Users are being asked to click a link in order to view a document, which provides the hackers access to the users’ personal contents, such as, Google accounts, contacts and online documents, said the security experts who reviewed the scheme.
“This is a very serious situation for anybody who is infected because the victims have their accounts controlled by a malicious party,” said Justin Cappos, a cyber security professor at NYU Tandon School of Engineering.
Cappos said that he had received seven of those emails in three hours on Wednesday, which indicates that the hackers are using some kind of an automated system to perpetuate the attacks.
According to Reuters, Google has not responded yet, for requests to comment other than its tweet.
Victims of this attack should remove the hackers from their accounts as soon as possible, said security experts.
“The point of the attack isn’t clear yet, but it could be a pre-cursor to some larger attack they’re planning,” said Matthew Gardiner, a security expert with email security firm Mimecast.