Phishing email attack causes stir on social media


A phishing email attack was launched Wednesday targeting people with Google accounts, drawing wide attention on social media.

A number of Twitter users, many of them journalists, reported receiving phishing emails asking them to click on a shared Google Doc. Later, Google addressed the phishing scam in a statement, saying that it had taken action to stop the campaign and protect Gmail users. 

“Beware of the phishing attempts hitting the inboxes of newsroom employees,” Samantha Barry, a CNN reporter, tweeted. “They're appearing as shared google docs. Do not click.”


Screen grabs of phishing emails shared on social media showed that the messages appear to come from a contact familiar to the target. 

“Phishing (or malware) Google Doc links that appear to come from people you may know are going around,” Zeynep Tufekci, an assistant professor at the University of North Carolina’s School of Information and Library Science, wrote.


Phishing schemes are fraudulent emails designed to obtain access to a target’s information. 

It was this type of scam that infamously gave hackers access to the personal emails of former Hillary Clinton campaign chairman John Podesta, leading to his personal emails being published by WikiLeaks and a series of damaging leaks.

The intelligence community has traced the hack of Podesta’s emails, as well as that of the Democratic National Committee, to an influence campaign orchestrated by the Russian government.

Google initially said that it was investigating the phishing scheme. The company released a follow-up statement late Wednesday, saying that the campaign affected less than 0.1% of Gmail users and was halted within about an hour, and that Google has taken steps to protect users against the phishing scheme. 

The company also found no evidence that personal data was exposed. 

“We protected users from this attack through a combination of automatic and manual actions, including removing the fake pages and applications, and pushing updates through Safe Browsing, Gmail, and other anti-abuse systems,” a Google spokesperson said.

“We were able to stop the campaign within approximately one hour. While contact information was accessed and used by the campaign, our investigations show that no other data was exposed. There’s no further action users need to take regarding this event; users who want to review third party apps connected to their account can visit Google Security Checkup.”

Adam Levin, chairman of the identity protection firm CyberScout, told The Hill that a significant number of these campaigns originate from Eastern Europe, Russia, and China. He described the scams as the “missile of choice for hackers.” 

“They use compromised email contact lists to lure additional unwitting participants into virtual pyramid schemes for the purposes of launching spam, distributing malware to recruit mobile and Internet of Things devices into botnet armies for Distributed Denial of Service (DDoS) attacks or to crawl into networks for the purpose of data theft, or collecting data from countless prospective identity theft victims by directing them to clone sites,” Levin said.

He warned individuals against clicking on links or opening attachments before verifying with the sender that they did send them. He also encouraged individuals to implement two-factor authentication so hackers can’t use compromised credentials to access their email. 

This post has been updated.