clock menu more-arrow no yes

A massive Google Docs hack is spreading like wildfire

Don’t click.

The Station Wild Fire Spreads To Over 100,000 Acres North Of Los Angeles David McNew / Getty

Gmail users are under attack in a gigantic phishing operation that’s spreading like wildfire across the internet right now.

People took to Twitter to report receiving an email that looks like an invitation to join a Google Doc from someone they know.

But when you click on the link to open the file, you are directed to grant access to an app that looks like Google Docs but is actually a program that sends spam emails to everyone you’ve emailed, according to a detailed outline of the attack on Reddit.

The practice of sending an email in order to trick someone into granting access to their personal information is called phishing, and it’s usually done for malicious reasons, like to steal credit card information or trick them into sharing their password.

Screenshots of the phishing emails that have been shared on Twitter all look like they are sent to this email address: hhhhhhhhhhhhhhhh@mailinator.com.

If you receive an email like this, do not open it. If you’re at work, alert a member of your technical support team. According to the Reddit post, if you’ve clicked “Allow” in the Google Docs prompt, you’ve been compromised.

You can visit the apps permission page of your Google account to check what apps have been given access to your account. If you see Google Docs in the list, revoke its access.

Here’s an animation of how the attack plays out:

Recode reached out to Google for comment but did not immediately hear back.

Update: Here’s what to do if you suspect you were hit by today’s phishing attack.


This article originally appeared on Recode.net.

Sign up for the newsletter The Weeds

Understand how policy impacts people. Delivered Fridays.