If you haven’t seen the news alerts, there is a unique phishing attack going viral today exploiting Google Docs. It starts very legitimate using Google’s genuine sign-in page and then authorizes a malicious app named “Google Docs” to access your Gmail email and address book.
I was sent an email by a legitimate business contact that may be a real example of this phishing attack but Microsoft shut it down in 2 ways:
- It moved it to my Junk Folder and blocked the link (see below)
- “SafeLinks” within Exchange Online’s Advanced Threat Protection (EO ATP) blocked it (see below)
Make sure your organization doesn’t fall victim to the latest phishing attack