A phishing attempt is spreading very quickly online. It is an email that looks very legit sharing a google doc. It usually comes from a trusted source since it is spreading via Gmail’s contact list. I even got hit with one at work. I wasn’t expecting any shared google docs so it raised my eyebrows and I did some quick searching online.
https://motherboard.vice.com/en_us/article/massive-gmail-google-doc-phishing-emailI then warned all my users and setup a rule in Office 365 to block it.
- Login to https://portal.office.com
- Admin Centers –> Exchange
- Mail Flow —> Rules
- + –> Create New Rule
- Apply the rule if the recipient is [email protected]
- Do the following: delete the message
I went a little further and add some more rules for extra insurance. I’m deleting anything from or to mailinator.com. My users have no need for that service. I also searched message trace for any other messages that came in so I could warn those users directly. Fortunately we only received one.
More info on reddit.