On Wednesday, May 3, 2017, a widely spread email scam/phising email was broadcast and found its way into the email Inbox for many users around the world (see article here).
The following directions are for those who may be affected by the email phishing message shown below (with subject “[NAME] has shared a document on Google Docs with you”).
If you clicked on the link and chose an account through the screen below, an app was subsequently installed on your Google account.
Please follow the instructions included in this message to confirm you have removed the malicious app from your Google account.
These instructions will help you confirm the app has been removed from your account.
- Navigate to https://myaccount.google.com/permissions to manage the various apps connected to your account, and the level of access they have to your information:
- Look for an app called “Google Docs” or a strange string of text such as “1024674817942-fstip2shineo1lsego38uvsg8n2d3421.apps.googleusercontent.com” and click on the box to expand it. Then click “Remove” to remove/revoke access to the app.
If you don’t see Google Docs or a strange string of text listed as an option, you are likely unaffected by the phishing attack. As a precautionary measure, if you clicked on the link and authorized the app, we strongly recommend you change your password. On the SFUSD network, you may use https://mylogin.sfusd.edu/ or call the SFUSD Help Desk at 415-241-6476, option 1.
Google responded swiftly to remove the vulnerabilities from their systems and identify the perpetrators of this attack, and suggests users visit g.co/SecurityCheckup to monitor their accounts and remove any suspicious apps.