If your mom wants to share a Google Doc with you, check the source

  

You might have heard a phishing scam has been making the rounds on the internet in the last day or so.

It's aimed at users of Google's Gmail, and it's really nasty.

It starts with an email, perhaps from one of your known contacts, that says they'd like to share a document with you.

When you click the link to open the document, you'll be prompted to authorize an app called Google Docs, which sounds official, but it's not.

It all looks legitimate, but the Google Docs app requests permission to read, send, delete and manage your email as well as manage your contacts.

You really don't want to click the "Allow" button.

If you do, the app will send a similar phishing email to all your contacts, plus they then have control over your Gmail account.

Every instance I've seen of the original phishing email comes from the address: [email protected], which should be a red flag if you're paying attention.

Google says it has taken steps to eliminate this particular instance of the phishing scam.

"We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts. We've removed fake pages, pushed updates through Save Browsing, and our abuse team is working to prevent this kind of spoofing from happening again, "the company wrote on the Google Docs Twitter feed.

What can you do to protect yourself and your data?

I'd go to g.co/SecurityCheckup and check your Google account security settings.

If you installed the bad app, you'll need to take some quick action to limit the damage. You need to check your Google settings to see which apps you've granted permission to access your Google data.

Here's a great page bit.ly/2qP6cAl that shows you what to do.

So, what did we learn from this?

Hopefully, we learned not to click on things just because they show up in our email, even if they are from one of our known contacts.

If you are not expecting an attachment or an invitation to share a Google Doc, then you should really check with the sender to make sure it's legitimate before you open a file or install an app on your computer.

Always be skeptical. It'll help you in the long run.

Explore further: Google Docs phishing scam doused after catching fire