Recovering From Google Docs Phishing Malware

This article applies to: Security & Policy

How do I know if I've been affected?

If you clicked "allow" when prompted by the "Google Docs" app to connect to your Google account, you have been affected. If you didn't click the link, closed the tab, or clicked "deny" then your account is safe. If you have any question, please follow the instructions below.

How do I recover my account safety?

Google recommends running the following security checkup on your account: g.co/SecurityCheckup

To specifically check for this malicious application attached to your account

Navigate to https://myaccount.google.com/
Click on "Connected apps and sites"
Click on "manage apps" to edit the apps that have access to your account.
Find the app titled "Google Docs" and click the Remove button. Note: Doing this will not interfere with your ability to use the real Google Docs.
The malicious application no longer has permissions to your account.

Finally, as an added precaution, please change your Cornell NetID password here: https://netid.cornell.edu.

Security & Policy Articles

see all

Use the Internet Safely

Clear Your Browser Cookies, Cache, and History

Many public computers have software installed to automatically clear browser cookies, cache, and history. Look for the Deep Freeze icon (polar bear) in the System Tray or Task Bar. If...

Cyberscams Capitalize on Tragic Events

Unfortunately, malicious attempts to exploit high-profile events, anniversaries of significant events, emergencies, tragedies, and even major political events, are not uncommon: New...

Enhance Web Browser Security

Improve the security of your web browser. Set preferences to ensure software updating is enabled. Use the built-in browser security settings. Disable popups in your...

Identify Risky End-user License Agreements (EULAs)

When you’re online, be particularly wary if you are asked to install software—even if it appears fairly harmless. Before downloading and installing any new software, always read the EULA,...

IT Security Vocabulary

Adware – software that displays advertisements; you may see popup ads or a small window or bar that displays ads in your browser. Back door – a means of accessing your computer that...

Keep Malware (Viruses, Trojans, Worms) Off My Computer

Malware = Malicious Software There is no guaranteed solution to prevent malware from invading your computer, since criminals spend a lot of time finding new and innovative ways to break...

Opt Out of Market Research

Companies use a variety of market research techniques to understand the needs and wants of consumers. Your privacy can be at risk when you participate in surveys, online communities, focus...

Protect My Privacy

Just as the Internet makes it easy for you to find all sorts of information, you risk others finding out things about you that you don’t intend to be public. As an experiment, search for...

Protect Yourself Against a Two-Factor Phishing Attempt

Fraudulent emails (see how to spot them) are a common way to steal Cornell NetIDs and passwords, and gain access to your private information. Even with two-factor authentication enabled, criminals have found ways to trick users into giving away their login credentials.

Read Web Addresses (URLs) in Email and Online

You can learn information about web addresses (URLs) by looking at some of their components. Finding the Important Parts of a Complex Address In a complicated address, like http...

Recovering From Google Docs Phishing Malware

How do I know if I've been affected? If you clicked "allow" when prompted by the "Google Docs" app to connect to your Google account, you have been affected. If you didn't click the link,...

Stop Websites From Installing Software Without Approval (Drive-By Download)

Websites you visit can download and install software without your knowledge or approval. This is called a drive-by download. The objective is usually to install malware, which may:...

Verify if a Website is Who it Claims to Be (EV Certs)

Verify that a web site you are visiting is who it claims to be. If you see green in the address bar in your browser, the web site has an Extended Validation (EV) Cert and it’s encrypted....

Search Filters:

Knowledge Base Article

Quick Links and Search

How can we help?

Quick Login

Recovering From Google Docs Phishing Malware

How do I know if I've been affected?

How do I recover my account safety?

To specifically check for this malicious application attached to your account

Finally, as an added precaution, please change your Cornell NetID password here: https://netid.cornell.edu.

Security & Policy Articles

Use the Internet Safely

Guides

Was this page helpful?

Comments?

Support

Follow IT@Cornell...