Members of the Lehigh community were affected by a nationwide phishing scam Wednesday.
People were receiving emails masquerading as Google Docs invitations, which have been confirmed by several news outlets to be phishing attacks.
Keith Hartranft, Lehigh’s chief information security officer, said he first became aware of the issue around 2:30 p.m. Wednesday. He said he’s not sure how many people it’s affected on campus but that it was a nationwide issue.
“What it was doing was you were approving an app that connected to your contact list and resent the email out to those in your contact list or those who you’ve just communicated with.”
Hartranft said the code for the phishing scam has since been posted on the web. Google has since taken action against the attack.
(1 of 3) Official Google Statement on Phishing Email: We have taken action to protect users against an email impersonating Google Docs…
— Google Docs (@googledocs) May 3, 2017
(2 of 3) & have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team…
— Google Docs (@googledocs) May 3, 2017
(3 of 3) is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail.
— Google Docs (@googledocs) May 3, 2017
“It was really their fix that needed to come into play here,” Hartranft said. “What they did was they had the domains that the page was communicating with shut down as malicious. They also basically swept through their entirety of Gmail accounts of people who had approved the app and removed it.”
He said the ability to approve the app has been blocked, so even if people were to click on the fake Google Docs links now, it would result in an error message and would not approve the app.
Comment policy
Comments posted to The Brown and White website are reviewed by a moderator before being approved. Incendiary speech or harassing language, including comments targeted at individuals, may be deemed unacceptable and not published. Spam and other soliciting will also be declined.
The Brown and White also reserves the right to not publish entirely anonymous comments.