Be extremely careful if you recieved this type of email: "John Smith has invited you to view the following document". Even if it’s from a friend of yours, always check if they really sent you this invitation.
This is a fake link. It will send you to a page which says, "Google Docs would like to read, send and delete emails, as well access to your contacts", asking your permission to "allow" access.
Once you’ve allowed the access, you immediately give permission to the hackers to:
- Manage your Gmail account
- Have access to your emails, without needing your Gmail password
- Have access to all your contacts and spread among them
- Enter everything your Google account manages: Facebook, Twitter, business e-mail accounts, pictures, your phone…
This OAuth phishing email is incredibly dangerous and quick. It hits multiple organizations and media outlets that use Gmail, and thousands of individual users.
What if I have clicked this phishing link?
If you have clicked on the phishing link and granted permissions, you can remove it:
- Sign into your Gmail account.
- Go to Security and Connected Apps.
- Search for "Google Docs" from the list of connected apps and Remove it. It's not the real Google Docs.
Follow us on Twitter to be informed about future cyberattacks!
Since the start of the week, the ransomware LOCKY is again striking France. After being given a rejuvenating makeover, it has returned in an even more virulent form.
A team of Israeli security researchers working for Cybellum, has identified a new vulnerability in ALL versions of Windows (from XP to Windows 10) allowing a cybercriminal to take total control of a machine.
Ransomware dominated the headlines last year. And if the first few days of January are anything to go by, they will remain in the spotlight throughout 2017. The latest wave of malware attacks promises to be more sophisticated, more virulent, and marketed...