Iowa State University

ITInformation Technology

What to Do if You Think You May Have Fallen Victim to the 3 May 2017 Phishing Attack on Gmail and Google Docs

This news item expired June 4, 2017. It may contain out-of-date information.

As of 4:15 p.m. on Wednesday, 3 May 2017, further threat surrounding a phishing email masquerading as a message from Google Docs was neutralized. Google released a statement via Twitter about the situation:

However, for those users who allowed “Google Docs” access to their account, there are a few things they should do to do to secure themselves and their information.

What to Do if You Believe You Fell Victim

If you accidentally granted permissions to the phisher, follow these steps to remedy the situation.

First, while signed in to your Google account, copy and paste into the address bar and revoke all permissions from “Google Docs”; this rogue app will have access to your contacts and Google Drive.

Next, change your passwords. Information on creating a strong password can be found by reading our blog post, “It is Time to Change Your Password”. If your account is an Iowa State administered Google account (CyMail), in order to change your password you will need to change your Net ID password via ASW. Find out how to change your Net ID password by copying and pasting into your browser’s address bar. Be sure to change the passwords of other accounts as well. Access to your Google account may have allowed the cybercriminal(s) the ability to reset the passwords of any accounts that send password reset emails to the affected Gmail inbox. Make sure each account has its own unique new password.

Finally, forward the phishing email as an attachment to Also, report the email to Google by clicking the downward facing arrow next to the reply button, and then clicking “Report Phishing.”

If you need assistance resetting your Net-ID password, please contact the Solution Center at (515) 294-4000.

Stay vigilant, Cyclones.


Related Media