Buckle up, sad humans of the internet, because we are in for a bumpy ride: a Google Doc phishing scheme has been making the rounds through the internet today, spreading viruses on people's computers and, unfortunately, spamming the address books of people who happen to open the phishing link. While people have been warning everyone on social media, word hasn't quite gotten out yet, and people are still accidentally clicking it. So what happens if you click the Google Doc phishing scam link? Unfortunately, nothing pretty — but there are immediate measures you can take to prevent the escalation of the damage.
A Google spokesperson issued this statement to Bustle:
We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.
The first step to knowing whether or not you've accidentally clicked the Google Doc phishing scam link is identifying what it looks like. According to users who have received the link, the email will come to your computer from Google Drive and will appear to be shared between a user that you know (someone who has already been hacked) and an address at firstname.lastname@example.org. Here is a screenshot a user posted to Twitter:
Phishing (or malware) Google Doc links that appear to come from people you may know are going around. DELETE THE EMAIL. DON'T CLICK. pic.twitter.com/fSZcS7ljhu— Zeynep Tufekci (@zeynep) May 3, 2017
If you opened the email and didn't click the link, you should be fine. If you did, there are a number of things that users have reported that they are experiencing as a result of clicking the link, including that their passwords and personal information have been compromised, and that the phishing link has automatically sent from their account to the accounts of people in their address books, spreading the link even further.
But how exactly does the scam use the link to uncover your personal information and send emails from your account? YouTube user DewClarke lifted the veil on the other side of hacking to show exactly how passwords are pulled from phishing links (and YIKES it is grim).
The most important question, though, is what to do after you've clicked the link. Here are the immediate steps you should take:
- Disconnect your device from Wi-Fi.
- Back-up any personal files that you have on your computer with a USB.
- Reconnect to Wi-Fi, and run a malware scan like Malware Bytes on your computer to see if your information has been compromised.
- Change the password to your email, and passwords on any account where you have sensitive information — Twitter, Instagram, Facebook, online shopping sites. Anywhere you might have your credit card information stored.
- Call your bank and credit card companies to let them know that your information has been compromised; the bank will keep an eye on your accounts, and the credit card companies will reissue you cards with new numbers to prevent fraud.
- Email your address book and post on Facebook or other social media to let people know your account has been compromised, and not to open any links sent from your account.
- If you are still experiencing issues, contact a professional on what steps to take next.
Good luck out there, fellow interneters. And maybe for the rest of the day just avoid sending each other Google doc links, eh?