Google Docs Phishing Attack Recovery

May 4, 2017

A phishing attack has been deployed at many universities and organizations that use Google G Suite for email and document sharing, including UCSB. You may receive a message purporting to share a Google Doc with you that comes from someone you know. The message will contain an official looking "Open in Docs" button (see the image below). DO NOT CLICK ON THAT BUTTON. If you do, the email will be shared with everyone in your contacts list, spreading the phishing attack to new potential victims.

What you should do if you clicked on the button:
1. Go to https://myaccount.google.com/security#connectedapps
2. Click on Manage Apps
3. If you see “Google Docs” listed as an app, click Delete

NOTE: Step 3 does NOT delete the documents in your Google Drive. The “Google Docs” app that appears on that list is not a real app.