Another Google Docs phishing trick just raised its head a couple of hours prior, and it’s spreading like rapidly spreading fire. Google has all the earmarks of being making a move to stop it, however meanwhile: be super, super careful about Google Doc welcomes for the present. In the event that you succumb to this one (and a lot of generally hawk peered toward individuals have as of now), it’ll impact out the trap to everybody on your contact list.
This is what you have to know:
Clicking the link takes you to a real Google-hosted page, with a list of your Google accounts ready to click
It asks you to select an account and provide an app called “Google Docs” — yes, they were somehow allowed to name a third-party app “Google Docs” — with account permissions
As soon as you click the “ALLOW” button, this not-at-all-actually-Google Docs app now has permission to read your emails and email all your contacts… the latter of which it’ll start doing pretty much immediately, spreading the worm to pretty much everyone you’ve ever emailed.
This one is super sneaky; pretty much the only way to detect it before falling for it is to click the small “Google Docs” link on the actual Google-hosted page and notice that the developer info seems… off.