Journalists in newsrooms across the United States are swapping warnings about what appears to be a widespread phishing attack, sent via a particularly sneaky fake invitation to a Google Doc.
Several IT experts are describing it as huge and startlingly fast-moving. (Just in the course of writing this short post, I received two separate emails that appear to be part of the attack.) In one Reddit thread, where people are trading information about the attack, someone describes the scam as “almost undetectable.”
There are two reasons why this thing is so tricky. For one, it looks legit: An invitation to view a Google Document appears to come from an existing contact. But when a person clicks on the link, the attack immediately replicates itself—meaning, it has the potential to spam all of that person’s contacts with the same message. The second reason it’s so tricky is that it’s unclear what the attack is attempting to do. Phishing is often a way for bad actors to gain unauthorized access to a person’s email or other private accounts, but it’s not yet clear what’s motivating this attack.
Hey, if you're a journalist getting hit with random Google Doc invites right now, do not click. Forward phishing attacks to cooperq@eff.org
— Sarah Jeong (@sarahjeong) May 3, 2017
There's a widespread Google Docs phishing scam affecting all kinds of people (e.g., not just gov't or journalists) today. Be careful.
— Waldo Jaquith (@waldojaquith) May 3, 2017
Phishing (or malware) Google Doc links that appear to come from people you may know are going around. DELETE THE EMAIL. DON'T CLICK. http://pic.twitter.com/fSZcS7ljhu
— Zeynep Tufekci (@zeynep) May 3, 2017
As in most cases of widespread cyberattack, vulnerabilities are found, exploited, then eventually patched—before hackers figure out the next way to game the system and the cycle repeats itself. A spokesperson for Google told me she would look into what’s happening, but didn’t immediately have any information to share.
from Technology | The Atlantic http://ift.tt/2pGb0VA