@xor what does it look like after clicking on it? Is it a zero interaction thing or is there the normal "authorize blah blah blah"? What does that page look like?
@kaniini ah. yikes. Luckily I'd be very suspicious of something that didn't already pre-populate the email or icon (although that's certainly not foolproof)
@kaniini (for anyone else reading this thread: the one that's going around today actually asks you to authorize an app)
@nightpool @xor Judging from articles, it sounds like it asks you to authorize an app but the app has the same name and icon as the actual Google Docs
@nightpool @xor @kaniini Agreed. I think this is one phishing attack that I might just have fallen for. It is kind of strange that you can make an app with that name though.
what i have been seeing is "open in gdocs" links that send you to a phishing login page and then a fake authorize google apps screen.
i suggest resetting password and verifying you haven't authorized any rogue apps...
@chris @nightpool this is correct. The URL for the app (not displayed but you can hover to see) is a not-Google link. Extremely subtle.
If "Google Docs" appears in the list I linked, nuke it
@xor @chris @nightpool from what I can tell (and based on the conversation on HN) it appears it redirects to googledocs.gdocs.pro after getting the OAuth token. Wish I had an actual example.
@wxl @xor @nightpool Yup, it has the redirect URLs in the code linked here: https://toot.works/@chris/81914 https://toot.works/media/cLpTPgkh8MK2fQIsMWM
@chris @xor @nightpool tl;dr no one should be expecting their apps to have access to their apps on the same service.
@nightpool it asks for your e-mail address and password using the old-style google login page where you input both