A sophisticated phishing scam concealing itself as a Google Docs file made waves online Wednesday. The attempt hit so many users that the hashtag #PhishingScam was trending on Twitter by the afternoon, NPR reports.
Here are five things to know.
1. The phishing email, which invites the target to edit a file in Google Docs, might be sent from an acquaintance or a stranger's account, according to NPR.
2. Unlike a real Google Docs invitation, the phishing email does not display the Google Docs logo. The phishing email is also addressed to a username with a string of Hs, NPR reports.
3. Should the target attempt to open the file, the phishing scam prompts the user to sign into their account and asks for permission to access and manage all account information, according to USA Today.
4. If a user clicked the link, there is still a way to deny the phishing scam future access, according to Vice. An affected user should visit the "permissions" section of their Google account's page, where they can remove the malicious "Google Docs" app.
5. Google has disabled offending accounts, according to a statement the company released May 3.
"We've removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again," the company said in a statement to USA Today.