Disclaimer: This news item was originally posted on Wednesday, May 3, 2017. Its content may no longer be timely or accurate.

Gmail/Google Doc SPAM message circulating

Posted: 14:40:26, Wednesday, May 3, 2017   Expiration: 14:40:26, Wednesday, May 17, 2017  

A Gmail vulnerability using Google Docs is being exploited globally on 5/3/17.

A gmail exploit is happening right now in which you may receive an email that says "<name> has invited you to view the following document:" and the display name is someone you know, but the To: is actually hhhhhhhhhhhhhhhh@mailinator.com.  There is no other text in the message.  Do not click on this link, it is not a legitimate email.  If you did click on the link, please immediately take the following two steps:

First, remove the hacker's access to your account.  Go to Google's Sign-in & security page.  Under Apps connected to your account, you may see Google Docs.  Remove this.  The real Google Docs always has access to your account, so you don't have the option to remove the real one.  This one is a fake name from the hacker.

Second, change your gmail password.  It is not clear right now if this attack is harvesting your password or other information yet, so to be on the safe side, please change this password.

If you have any questions or concerns about this or other potentially malicious/phishing/virus emails, please contact the MERIT helpdesk at 265-4773 or helpdesk@education.wisc.edu.

-- School of Education: Jason Erdmann

Created: 09:50:38, Wednesday, May 3, 2017 (by Jason E.)
Updated: 15:01:56, Wednesday, May 3, 2017 (by Brenda S.)