Welcome to “The Tank”
The Office of Information Security will publish recent examples of phishing emails received by the campus community. Please check “The Tank” often for the latest phishing examples when you receive a suspicious email. If you do not see it in “The Tank” please send it to security[AT]uri[dot]edu for review.
You may also alert Google directly if you receive a phishing email by using the Google Mail Web Interface within the message. Click on the down arrow to the right of the ‘reply’ button and select ‘Report phishing’. The message will be sent to the Google GMail Team immediately for analysis and filtering.
Warning: These are real examples of phishing, please do not attempt to explore them.
Widespread Fake Google docs sharing – May 3, 2017
The University of Rhode Island ITS Security team has detected an email phishing attack. To be specific, the attacker generates an email that looks like an invitation to a document share which specifically attack Google accounts. If you see an email with the subject line: “[Employee Name] has shared a document on Google Docs with you” please delete the email from your inbox.
If you have already clicked on a Google Docs invitation, use the below URL to revoke access from the 3rd-party fake Google Docs” app:
https://myaccount.google.com/intro/security?target=permissions#connectedapps and revoke access to “Google Docs” immediately. It may now have a name ending in […apps.googleusercontent.com] since Google removed the one with Google Docs naming. The real Google Docs does not require access.
The Security Team asks that everyone be vigilant when checking email.
Should you have any questions or need help in removing this email from your mailbox, please contact helpdesk by emailing helpdesk[AT]uri[dot]edu