A phishing email has been receiving a lot of attention over the past day due to its sophisticated structure. And with the issue being heavily discussed online, Google has acted fast in an attempt to mitigate the damage.
The malicious email appears exactly the same as a standard Google Docs message offering someone access to a shared file. When the ’Open in Docs’ link is clicked, the user is presented with a Google accounts screen, requesting access for ‘Google Docs’.
But ‘Google Docs’ in this case is not the official client, but instead what is likely to be a malicious application. Anyone tricked by the hoax will provide the application’s developer with access to their Gmail account and contacts.
Responding to the circulation of the phishing email, Google said they have deactivated the rogue account and are also taking steps to ensure that a similar ruse cannot be performed in the future.
[via Android Police]