This article may include partner links. If you click, visit or buy from these links, we will receive a fee or products from the companies mentioned in this post. Please read our disclosure policy for more details.
A stealthy and nasty phishing scam made its way around the internet as of May 3rd, the source and author of the code has yet to be discovered, but latest update as of 5:17PM ET on the same day reports that Google had already contained the malware by shutting down the drive used to spread the code, according to the Verge.
Google disclosed that affected users only accounted for less than one percent of total users, but knowing how massive Gmail and docs users are, that’s still a significant amount of bots that can be used to re-send the malware.
WHAT IS PHISHING ANYWAY?
In a nutshell, phishing is a form of cyber-attack where malicious attackers (crackers) impersonate a legitimate email user account and sends malware loaded emails to unsuspecting contacts and make it appear legitimate.
The goal is to have unsuspecting users open the email and execute, the ‘payload’, which is the malicious code or malware.
Once the malware is opened and launched, depending on the intended action, it either hijacks the affected user’s contact list to re-send and replicate itself or execute an application that can spy or worse steal information from the affected machine.
- For more info on phishing, this is a great info page created by search security.
Since there is still a risk that residual spread might still happen, here are some ways to avoid being a victim of this attack that could ultimately SAVE you time, hassle, and even Money.
- If you see an email entitled “your FRIEND or SOMEONE you know” has shared a document on Google Docs with you, DO NOT CLICK on the attachment !! Especially if you are a Gmail user. I don’t believe any other mail users are affected or at least haven’t been reported.
- The email should look like this
- When you are tempted, make sure you HOVER over the email address to ensure it’s a legitimate sender, you should see as in the screenshot that the email address looks a little ‘phishy’ with the “hhhhhhhhhhhhhhhh(at)mailinator.com” address.
-
IF the subject line is even remotely the same as the one above, I’d skip on opening the email and risking the infection.
- In the off-chance that you are a google docs and Gmail user and you clicked on the email, here’s how to know if you’ve been affected:
- If you clicked “Allow“, you’ve been hit. If you didn’t click the link, closed the tab first, or clicked deny, you’re okay! (Thanks to reddit user JakeSteam for providing the step by step on this infection)
- Here’s another blow-by-blow of the malware infection shared by security expert Zach Latta via his twitter page
- How to stop the spread if you think you’ve been infected as shared by Zach Latta; Revoke access to Google Docs immediately by doing the following
-
Go to https://t.co/60z1CDeunO
-
Find the app called “Google Docs”
-
Revoke all permissions
BOTTOM LINE
Being an IT security professional myself, I know first-hand how time-consuming, disruptive, and expensive malware infections can become so I always advise clients, friends, and family, when receiving unsolicited emails even when they’re from known sources, delete them.
If it’s truly important, the sender will make a way to contact you and inform you of the email they sent.
If you have malware software, you can right-click on the email and choose the option to scan the mail to make sure it’s clean.
In this day and age, with the advent of fast internet and sophisticated cyber-crime rings, we should always practice vigilance and safe browsing habits.
We should make it a part of our online routines. If we do, it can inevitably end up saving us tons of money, time and aggravation and ultimately play into our money saving strategies.
Do you have questions or concerns about internet security? please comment below or send us an email at thedebtfreejourney@gmail.com and I will do my best to answer them or get you the information you need.
Peace and Blessings to All.
Leave a Reply