The Hudson Valley is on high alert after a massive phishing scheme masquerading as a Google Doc affected approximately one million Gmail users throughout the country.
On Wednesday, the scheme spread like wildfire as a strange Google Doc made its rounds throughout the Internet, which, when accepted through email, allowed the user access to a malicious app that is disguised as a Doc. The message is then forwarded to each of that user’s contacts.
The scam affected an unknown number of schools, businesses, organizations and other users. It is not immediately clear what the implications of accepting the malicious app entail. On social media, many reported that while the email looks identical to one sent by google, it may also be addressed to “hhhhhhhhhhhhhh.”
In a statement, Google said that they are investigating the issue and offered advice for anyone worried they may have clicked on a fraudulent email.
“We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing and our abuse team is working to prevent this kind of spoofing from happening again.
“We encourage users to report phishing emails in Gmail. If you think you clicked on a fraudulent email, visit g.co/SecurityCheckup and remove apps you don’t recognize.”
Southern Westchester BOCES shared information about the situation in an email to parents on Wednesday, providing a screenshot of one of the fraudulent emails that were sent out.
“This is an alert that users have reported that they are receiving emails from districts and/or vendors stating that they have shared a Google Doc with them. If you should receive one of these email messages, please do not click the link. This will take you to an external site that is looking to collect user information. I have included a screen shot of the message contents. If you receive this, please do not click on the link.”