Skip to main content

Security Alert: Google Docs Phishing Malware

Date:
2017-05-03 15:51:00
Status:
Closed
Brief Description:
A malicious "Google Docs" web app is being delivered via phishing emails probably originating from known senders. Clicking the link in the email prompts users to allow a new app to connect to their Gmail account. The app permissions allow it to spread.
Current Status:
Cornell engineers have provided instructions for anyone who clicked the link, so that they can recover from the affects of the phish. See https://it.cornell.edu/security-and-policy/recovering-google-docs-phishing-malware . Cornell had already previously taken steps to block the malicious websites.
Services Affected:
Email and Calendar
Subsites Affected:
Cmail
Full Description:
A malicious "Google Docs" web application is being delivered via phishing emails probably originating from known senders. Clicking the link in the email prompts users to allow a new app to connect to their Gmail account. The permissions of this new app allow it to spread itself further in addition to reading, deleting, and sending email and managing contacts.