How To Change Your Gmail Password If You Opened The Google Doc Phishing Link
Ah, the sweet, sweet smell of Twitter panicking over something that is happening on this internet. To be more specific, a whole boat load of people are dealing with the Google doc phishing link scheme that is, unfortunately, spreading viruses on people's computers. If you are one of the unlucky masses, you're going to want to figure out how to change your Gmail password, and fast — links like this exist to mine for passwords to access all kinds of information, so the sooner you can block it out, the better.
Bustle reached out to Google about the phishing link, and a spokesperson wrote the following to Bustle:
We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.
The Google doc link is deceptive because it looks like it is coming from someone in your address book, shared through a Google Drive. The only distinguishing feature is that it CCs a second email address: firstname.lastname@example.org. Here's what it looks like:
Phishing (or malware) Google Doc links that appear to come from people you may know are going around. DELETE THE EMAIL. DON'T CLICK. pic.twitter.com/fSZcS7ljhu— Zeynep Tufekci (@zeynep) May 3, 2017
If you accidentally open it, stay calm. Your information has possibly been compromised, and there is also a possibility that the phishing link used that information to send the link out to people in your address book — so make sure you get in touch with people over email or on social media to let them know not to open any invitations for Google docs from you.
The first thing you'll want to do is change the password to your email account. If you're on Gmail, changing it is relatively simple.
Click "My Account" On Your Gmail Page
On the left side of the page, you'll see "Sign in & security". Click that link and scroll down.
It will display how long it's been since you changed your password and whether or not you have "two-step verification" for logging in. (TBH, this might be a good time to add it, if you haven't already.) From there you can confirm your current password and change it.
If That Doesn't Work ...
Try clearing your cache, using a different browser (like Safari, Firefox, or Chrome), or quitting your browser and relaunching.
If You're Using A Work Email ...
Contact your tech person or the head of your department immediately, regardless of whether or not you're having trouble changing your password. Odds are your account sent phishing links to your coworkers, and you want ot nip that nonsense in the bud.
What To Do After You Change Your Password
Contact your financial institutions like banks and credit card companies and warn them that your information has been compromised. Change any passwords on accounts where there might be further personal information, like social media accounts and online shopping accounts. And spread the word! The more people who know about the phishing, the faster the world can put an end to it.