An apparent email "phishing" scam spread around the country Wednesday afternoon, enticing people to click on what looked like valid Google link that instead exposed their personal information--and some Illinois school districts are warning parents of the suspicious emails.
Batavia Public Schools posted on Facebook that officials had blocked the email from its inboxes but said the attack was continuing nationwide.
"If you or your child receives any emails that appear to be from a known or unknown contact containing a link to a Google Doc, please delete these e-mails and most importantly, DO NOT OPEN THE ATTACHED GOOGLE DOC," the post warns.
The emails have also reportedly come from Chicago Public School district emails as well as Barrington School District 220 and LaGrange School District 202 among others. Both suburban school districts posted warnings on Facebook to parents.
CPS offered guidance to employees if they clicked the tainted link and encouraged staff to change their passwords.
"This scheme targeted google accounts worldwide, and we are investigating the potential impact to our system," Michael Passman, a spokesman for the school district, said in a statement. "We quickly blocked incoming messages related to this scheme and provided guidance to staff to avoid these messages."
The email arrives with a subject line saying someone "has shared a document on Google Docs with you" and a link that says "Open in Docs." The link appears to be legitimate, and clicking on it leads people to a page where they are asked to give "Google Docs" access to their Google account.
But it is not the real Google Docs, and clicking the "Allow" button gives the potentially malicious app permission to read and delete emails and to manage contacts. It is not clear who is taking the data once users authorize access or what they are doing with it.
Newsrooms across the country reported being inundated with the emails, as did a variety of other organizations. The scam spread so quickly and so comprehensively that "Google Docs" was the top trending term on Twitter in the United States by 4:30 p.m. ET.
Cybersecurity officials at the New Jersey Office of Homeland Security and Preparedness tweeted that people should avoid clicking the link. A number of New Jersey school districts also warned that they had been struck and that students should not click.
A thread on the Google board on Reddit had hundreds of comments from people who had been exposed to the link and were trying to identify the source.
Google did not immediately return a request for comment, but it did address the issue on Twitter.
"We are investigating a phishing email that appears as Google Docs. We encourage you not to click through & report as phishing within Gmail," the official (and verified) Google Docs account said.