Have you gotten an email today (or perhaps several), saying that someone from your contacts list shared a Google document with you? Think twice before opening it or clicking the link to access the doc.

A number of people have been victim of an apparent phishing attempt (where hackers try to get you to click on sketchy links) by an unknown organization starting around 11:30 am PT today.

At least some of the emails are addressed to “hhhhhhhhhhhhhhhh@mailinator.com” and appear to place the intended target in the BCC field. The subject line reads “[someone in your contacts] just shared a Google Doc with you,” imitating the way Google emails appear when people share Google Documents with one another.

If you click on the fraudulent link within the email, it will take you to a real Google page asking for widespread permissions across your Google accounts, which, if granted (don't) would give the attackers access to a vast amount of personal data. For now, it doesn't seem like the hack can access this information unless you give it permission; however, if you open the link, it does seem to forward the email to everyone on your contact list.

The attack hit a number an unknown number of employees within BuzzFeed and seems to also target people outside of the organization, including school districts.

If you search “shared a doc” on Twitter, the results keep piling up.

Here's what to do if you did click the link to the suspicious Google Doc:

• Go to the google security checkup and go through the checklist.
• Pay close attention to the Account Permissions section. Check for anything that looks suspicious and revoke access.

Google did not immediately respond to requests for comment.

Quelle: <a href="If You Just Got An Unexpected Google Doc, Don’t Open It“>BuzzFeed