There has been plenty of news about the latest hacking attempt, but the importance of warning about this latest phishing scam should not be underestimated.
So – you got an email saying someone added you to a Google Doc; click this link to view it. That takes you to a legitimate account screen, listing all the Google accounts you’re logged into. From there, you choose the one you want to use to view the document (or log in, if you weren’t already authenticated in your browser). There, a malicious service called “Google Docs” awaits, asking for privileges to access your account, your contacts, your password rests, your emails, everything.
If you already clicked this type of link, go to the Permissions page of your Google account as quickly as possible and, in this case, revoke access to the service called “Google Docs.” Again, it’s a fake. Then change your password and make sure you have two-factor authentication turned on.
Read the rest of this article at https://www.wired.com/2017/05/dont-open-google-doc-unless-youre-positive-legit/