A phishing email spread so quickly Wednesday, it forced Google to issue a warning on Twitter about opening Google Docs.
“We are investigating a phishing email that appears as Google Docs. We encourage you to not click through & report as phishing within Gmail,” the company explained on Twitter.
This particular email could seem innocuous enough as it may come from someone you know, as Reddit user JakeSteam explained.
“I received an email that a Google Doc had been shared with me. Looked reasonably legit, and I recognized the sender,” he wrote.
But a closer look shows that the email wasn’t sent by a contact, but by an automatically-generated email, such as hhhhhhhhhhhhhhhh@mailinator.com.
He went on to explain that although the email itself looked legitimate, the URL attached to the document seemed “off” somehow.
WATCH: Google apologizes to ad clients for YouTube content fiasco
JakeSteam explained If you were to click, you are taken to a legitimate Google screen which will ask you to allow Google Docs to access your Google account.
The virus then appears to send the email to all of your contacts, and possibly, everyone you have ever contacted.
“This is a very serious situation for anybody who is infected because the victims have their accounts controlled by a malicious party,” said Justin Cappos, a cyber security professor at NYU Tandon School of Engineering.
Cappos said he received seven of those malicious emails in three hours on Wednesday, an indication that the hackers were using an automated system to perpetuate the attacks.
He said he did not know the objective, but noted that compromised accounts could be used to reset passwords for online banking accounts or provide access to sensitive financial and personal data.
Tom Warren of the Verge explains how to delete the virus from your account.
– With files from Reuters