There’s a nasty piece of malware going around that pretends to be a Google Doc link, maybe from someone you know.
To protect yourself, don’t click on Google Doc links you weren’t expecting to receive. Often, these links are sent by people you know.
Here’s an example I received this afternoon. Several of my colleagues have received identical emails:
Apparently, if you were to click on the “Open in Docs” link, it would send a similar email to your entire inbox, according to Buzzfeed’s Joe Bernstein.
The malware seems to be pretty sophisticated:
We’ve reached out to Google and we’ll update when we learn more. In the meantime, if the sender is someone you know, check with them outside of Gmail to ensure they actually shared a Google Doc with you before opening anything.
Update 4:00PM ET, 5/3: We’re seeing reports that Google has disabled the application, although we’re still not sure exactly how far it’s spread, or if the attack might continue through another application.
Update 4:25PM ET, 5/3: Google has also said it is “investigating” the issue, warning users not to click on links in the meantime.