Data loss can hit a business in any number of ways. In reality, companies should expect to lose data at some point. The challenge is having a plan to recover from such an event.
Many of you may be aware of the recent Google Docs scam emails that have been floating around coming from various people that you know. Here's a guide on identifying
How To Identify the Scam Email
You will see an email from someone you’ve had correspondence with (and in many cases know well) that contains the subject line stating that a document has been shared on Google Docs (example: John Smith has shared a document on Google Docs with you). You will not see your email address because it is in the bcc field, however you will see the email address hhhhhhhhhhhhhhhh(AT)mailinator.com appear.
The message will contain a link saying Open in Docs. Do not click this. If for some reason you do, you will get prompted to sign into your Google account if you are not already signed in. Afterward, you will be prompted to give permission to “Google Docs” access to your email and contacts.
Clicking the info button (The “i” inside of the circle) will show developer information that contains a random Gmail account. Do NOT click the allow button, as it will send the scam message to your contacts. While the adversaries do not have your password, they will have access to read emails in your account as well as to send emails from it without the need for any sort of security check (both passwords and two factor authentication get bypassed).
How do I know if I’ve been affected?
If you clicked the Allow button, then you’re affected. And you may have heard back from acquaintances, friends, and family by now. Another way to know is to check your Sent messages, and see if any strange emails have been sent.
How do I fix the problem?
Go to the Permissions section of your Google account at https://myaccount.google.com/permissions to see the apps that have access to your account. Click the one that says “Google Docs”, then click the Remove button. (In this screenshot you will WhatsApp because it is an app that was given permissions from an Android phone) Optionally, you can change your password (even though the adversary never received it) as it a good security practice to change passwords periodically. Also please be sure to check your sent mail for the scam email. Alert the recipients that not to open the email and to delete it right away, and let them know what happened.