Yesterday afternoon, a phishing scam was sent through emails worldwide yesterday. The scam took form of an email sent by somebody in your contacts, and asked its recipient to view a document and allow Google Docs to have permission to read and send emails from the account. If a recipient clicked “allow”, data could be stolen. Google estimates that 1% of its users were affected by this scam–including ICCSD Gmail accounts. At this point, it’s not clear if serious damage has occurred.

The email usually included “[email protected]” as one of the recipients. Adam Kurth, head of technology at ICCSD, spectates that not much data could have been stolen.

 “It’s unlikely that emails themselves were stolen is simply due to time,” said Kurth. “While writing a script to distribute emails to contacts doesn’t take a long time, downloading users’ mailbox data does.  Since the attack was turned off by Google – through disabling the fake app that was being used – in a matter of minutes after the attack began, there wasn’t enough time for attackers to copy any significant portion of users’ email data.”

Google Docs stopped the scam link from working around 21 hours ago. ICCSD will not be making any changes to its security after this scam.

“Our response to the scenario was within our plan of action for this type of scenario, and we had actually identified and blocked both the source domain for the spam messages, as well as the address to which the link directed users, prior to any announcements of problems from Google.” said Kurth.

If you opened this email and gave the scam the permissions, you can go to these two sites to fix the issue.

Google Account Permissions -Shows you what applications have permission to view information on your Google account.

Google Security Checkup-Tells you what computers, phones, or Chromebooks have access to your Google account.

Stacy Behmer, Coordinator of Digital Learning Technology at the Grant Wood AEA, has three tips for students to catch suspicious emails:

1. Look at the email address it comes from because they try to make it look like a legit email, but if you looked at the address of the email in the header it was clear that it was spam.
2. Does the email look like normal email you get? It was clear that yesterday’s email wasn’t from Google because it didn’t follow the normal doc sharing email look.
3. Have you gotten an email from that person before? If you haven’t had a doc shared with you or gotten an email from them then to be safe email them and ask, better safe than sorry!