2017-05-03 19:51:00

Closed

A malicious "Google Docs" web app is being delivered via phishing emails probably originating from known senders. Clicking the link in the email prompts users to allow a new app to connect to their Gmail account. The app permissions allow it to spread.

Cornell engineers have provided instructions for anyone who clicked the link, so that they can recover from the affects of the phish. See https://it.cornell.edu/security-and-policy/recovering-google-docs-phishing-malware . Cornell had already previously taken steps to block the malicious websites.

A malicious "Google Docs" web application is being delivered via phishing emails probably originating from known senders. Clicking the link in the email prompts users to allow a new app to connect to their Gmail account. The permissions of this new app allow it to spread itself further in addition to reading, deleting, and sending email and managing contacts.