The bad guys spoof 2FA prompts and steal those codes the same way as
passwords. This example especially tough to catch because they're
displaying a legit Google.com oauth login for an app called "Google Docs"
that isn't Google Docs. This is also an old trick. The new one simply uses
an oauth
Jeff, I tried Manage Apps. Google Docs is not listed as an app I use.
--
You received this message because you are subscribed to the Google Groups "RBW
Owners Bunch" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
It's a very good idea to never open the unexpected attachment without
validation first. For reference, the Docusign phish emails I received
yesterday look like this in gmail:
Header:
[image: Inline image 3]
Body of email:
[image: Inline image 1]
On Wed, May 3, 2017 at 3:30 PM, Lee Legrand
There are tradeoffs with password storage approaches. 1Password lets you
store them locally instead of in the cloud on a server controlled by
someone else. LastPass stores them in the cloud, but the browser
extensions validate the URL before recognizing the site for filling in the
login page
I never opened the doc because it looks so suspicious. Why would you send
me a document and I hardly know you and it is not listed as part of any
group. Thats why I never opened it.
On Wed, May 3, 2017 at 6:14 PM, Joe Bernard wrote:
> That's a good idea, Patrick. Thanks!
Joe - you likely need to take further action - you can read more about the
mechanics of this phishing attack here:
https://www.theverge.com/2017/5/3/15534768/google-docs-phishing-attack-share-this-document-with-you-spam
Where details about removing access to the offending app are detailed as
If you don't have 2 factor authentication on your google related accounts,
you can add that here:
https://www.google.com/landing/2step/
Tim
On Wed, May 3, 2017 at 1:15 PM, Chris Birkenmaier
wrote:
> I was going to PM you to see if you were sending me something. Glad I
>