Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsDid Someone Just Share a Random Google Doc With You?
Journalists in newsrooms across the United States are swapping warnings about what appears to be a widespread phishing attack, sent via a particularly sneaky invitation to a fake Google Doc.
The scope of the attack is not limited to news organizations, but appears to be spreading on a massive scale through peoples contacts. If youre concerned your account has been compromised, you can go to Googles security page to adjust permissions. (Look for manage apps, and revoke access to untrusted apps.)
Several IT experts are describing the attack as huge, startlingly fast-moving, and perplexing. Just in the course of writing this short post, I received two separate emails that appear to be part of the attack. In one Reddit thread, where people are trading information about the attack, someone describes the scam as almost undetectable. But there are clues to look out forboth of the suspicious emails I received were sent to an odd email address, hhhhhhhhhhhhhhhh@mailinator.com, with me blind-copied.
There are two big reasons why this thing is so tricky. For one, it looks legit: An invitation to view a Google Document appears to come from an existing contact. But when a person clicks on the link, the attack immediately replicates itselfmeaning, it has the potential to spam all of that persons contacts with the same message. The second reason its so tricky is that its unclear what the attack is attempting to do. Phishing is often a way for bad actors to gain unauthorized access to a persons email or other private accounts, but its not yet clear whats motivating this attack.
https://www.theatlantic.com/technology/archive/2017/05/did-someone-just-share-a-random-google-doc-with-you/525279/
The scope of the attack is not limited to news organizations, but appears to be spreading on a massive scale through peoples contacts. If youre concerned your account has been compromised, you can go to Googles security page to adjust permissions. (Look for manage apps, and revoke access to untrusted apps.)
Several IT experts are describing the attack as huge, startlingly fast-moving, and perplexing. Just in the course of writing this short post, I received two separate emails that appear to be part of the attack. In one Reddit thread, where people are trading information about the attack, someone describes the scam as almost undetectable. But there are clues to look out forboth of the suspicious emails I received were sent to an odd email address, hhhhhhhhhhhhhhhh@mailinator.com, with me blind-copied.
There are two big reasons why this thing is so tricky. For one, it looks legit: An invitation to view a Google Document appears to come from an existing contact. But when a person clicks on the link, the attack immediately replicates itselfmeaning, it has the potential to spam all of that persons contacts with the same message. The second reason its so tricky is that its unclear what the attack is attempting to do. Phishing is often a way for bad actors to gain unauthorized access to a persons email or other private accounts, but its not yet clear whats motivating this attack.
https://www.theatlantic.com/technology/archive/2017/05/did-someone-just-share-a-random-google-doc-with-you/525279/
InfoView thread info, including edit history
TrashPut this thread in your Trash Can (My DU » Trash Can)
BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks)
5 replies, 5264 views
ShareGet links to this post and/or share on social media
AlertAlert this post for a rule violation
PowersThere are no powers you can use on this post
EditCannot edit other people's posts
ReplyReply to this post
EditCannot edit other people's posts
Rec (16)
ReplyReply to this post
5 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
Did Someone Just Share a Random Google Doc With You? (Original Post)
SecularMotion
Aug 2017
OP
Track Visitors To Google Docs; Know When People Open & Read Your Documents
SecularMotion
Aug 2017
#1
Yes my friend got nailed and it automatically sent the bogus email to his whole contact list.
Trust Buster
Aug 2017
#2
SecularMotion
(7,981 posts)1. Track Visitors To Google Docs; Know When People Open & Read Your Documents
When people open the document inside Google Docs or as a public web page, they will be connected to the Internet and hence their visit will be registered by statcounter.
You get to know the exact date time when the document was accessed, the physical location of the reader, the duration of his stay and some other details like browser, OS, ISP, etc. Heres a sample tracking report generated by my stats program.
https://www.labnol.org/internet/office/track-google-docs-visitors-know-when-document-read-opened/3397/
You get to know the exact date time when the document was accessed, the physical location of the reader, the duration of his stay and some other details like browser, OS, ISP, etc. Heres a sample tracking report generated by my stats program.
https://www.labnol.org/internet/office/track-google-docs-visitors-know-when-document-read-opened/3397/
Trust Buster
(7,299 posts)2. Yes my friend got nailed and it automatically sent the bogus email to his whole contact list.
IF YOU RECIEVE AN EMAIL THAT REQUIRES OPENING A GOOGLE DOC TO READ IT - DON'T, JUST DELETE THE EMAIL.
halobeam
(4,873 posts)3. There is a thread here o DU, that asks to fill out a Google doc.
I don't know how to link a thread here ( I'm on my phone). The doc is asking for Clinton voters to fill out info regarding their name, email address, birthday, town, state, then thoughts on election and upcoming election as well.
It said it will EMAIL you back if they use your comments, but won't share your personal information.
I gather people shouldn't be opening that email.
BTW, The thread was posted in General Discussion late last night, early morning today.
I hope it's not related, but be careful!
Demsrule86
(68,582 posts)4. I paid for word and never use google docs.
dalton99a
(81,513 posts)5. Kick.