A new phishing scam is targeting Google Docs users to gain access to their accounts.
Hackers impersonate someone the user knows and requests permission to share documents using Google Docs.
The emails link to a bogus Google Docs page, where unwitting users log in and grant the sender access to their account.
Once access is granted, hackers access address books, where they send similar scam emails to other users.
To avoid phishing scams, the CyberSafe at USPS team is offering the following tips:
• Think before you click. Be extra cautious of emails asking for login credentials or “access” to accounts, even if they seemingly come from senders you know.
• Check the web address in the link. Don’t click on the link. Instead, move the mouse cursor over the link to determine if it’s legitimate. A pop-up box with the real address will appear when you do this.
• Check for errors. Phishing emails often contain spelling errors or grammatical mistakes.
For more information, download the Right Way to Report Phishing Incidents informational sheet.
Report phishing emails to the CyberSecurity Operations Center at email@example.com.
The CyberSafe at USPS Blue and LiteBlue sites have additional tips.