As you may be aware, Google has reported a major phishing scheme that began attacking users yesterday afternoon. If you receive an email saying that someone shared a document with you and you click to open the document and the screen asks for permission to access your account – DO NOT ALLOW PERMISSION!! If it were a legitimate Google doc it would not be asking you this. This phishing scam affects Google accounts, not LLCC accounts.
Here is what to do if you already clicked on the phishing link and gave spammers third-party access to your Google account:
- Revoke access to “Google Docs” (the app will have access to contacts and drive) by following this link: https://myaccount.google.com/permissions
The following are good security practices:
- Turn on multifactor authentication.
- Change your password.
- Report phishing attacks to Google by clicking on the top right arrow in your inbox.
- Always use caution when clicking on links sent to you and/or granting access to resources.
- Never share usernames, passwords, SSN, bank accounts, etc.
For more information about Google phishing scam go to: http://www.zdnet.com/article/fake-google-docs-phishing-deluge-hits-gmail/