If you clicked on a Google email recently, you may have been hacked

CYBER security experts warned on Thursday of a new phishing attack trying to collect people’s login information.

Fraudsters are taking advantage of the comments feature in Google Docs to send people emails with malicious links.

Hackers are sending malicious links to users through Google Docs


Hackers are sending malicious links to users through Google DocsCredit: Getty

When someone clicks a link, they are encouraged to enter the username and password for their Google account.

Attackers can then use these details to break into other online accounts, such as their social media profiles.

The researchers, from New York-based email security expert Avanan, say that the attack has targeted at least 500 inboxes since December.

In one blog post, Avanan’s Jeremy Fuchs says the team has observed “a huge, new wave of hackers taking advantage of the comment feature in Google Docs.”

The attack was “targeted primarily at Outlook users,” he added.

To carry out the attack, hackers are adding comments to public Google Docs.

Comments refer to the target with the @ symbol. In doing so, an email is automatically sent to that person’s inbox.

In that email, coming from Google, the full comment, including links and bad text, is included.

“Email addresses are not displayed, only the attackers’ names, making this ripe for impostors,” Fuchs writes.

Because email comes directly from Google, it can pass through security scanners used by Outlook and other email platforms without being detected.

In addition, the email does not contain the attacker’s email address, only the display name.

This makes anti-spam filters harder to evaluate and even harder to recognize as a potential victim of an attack.

Avanan says that it notified Google of the vulnerability on January 3 using the report email phishing button in Gmail.

It’s unclear if the search giant will be able to fix the problem. The Sun has reached out to Google for comment.

To protect yourself against similar attacks, make sure you scrutinize any links sent to you – even by big companies like Google.

Before clicking a comment on a Google Doc, you should cross-reference the email address in the comment to make sure it’s legit.

If you are unsure, you should contact the sender and confirm that they want to send the document.

In the UK, you can report a suspected phishing email to the National Cyber ​​Security Center here.

Warn of phone scammers claiming to be police and demanding up to $3,600 ‘to avoid arrest’

In other news, scientists are embarking on a mission to unravel the mystery behind dozens of creepy baby mummy was buried in an underground tomb in Sicily.

The police have caught an Italian mafia henchman who has been on the run for 20 years after discovering the fugitive on Google Maps.

One of the The best preserved fossils was found that confirmed that juvenile dinosaurs popped out of their shells like baby birds.

And, one eagle-eyed Reddit user made $2 billion fly stealth bomber on Google Maps.

We pay for your stories! Do you have a story for The Sun Online Science & Technology team? Email us at the address If you clicked on a Google email recently, you may have been hacked

Fry Electronics Team

Fry is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – The content will be deleted within 24 hours.

Related Articles

Back to top button