Breaking It Down: How It Works
The phishing attack is initiated through an email invitation to edit a Google Doc. The message appears to have been sent from people stored in your contact list. Once the link is clicked, you are sent to a webpage requesting permission to access emails and contacts. The Google Docs request looks very much like a legitimate one, which is how it has been so successful. The attacker’s account was shut down within an hour, however it appears a large number of Gmail accounts may have been victimized within that short period of time.
As a precaution, any users that use a Gmail email address are encouraged to change their Frontwire Studios password on the Account Management Portal. We also recommend enabling 2-factor authentication on your account. For detailed information on how to enable 2-factor authentication, please check out the following article: Support.frontwirestudios.com
Should you need help enabling 2-factor authentication, and/or you believe your Frontwire Studios account may have been compromised, please open a support ticket a Support.frontwirestudios.com