This is hitting news sites quickly, because it's spreading like wildfire (one of my suppliers got hit by it) and many news sites have it wrong.
This is a new form of attack, anti-virus will not help and your operating system doesn't matter.
What it is, how it hits:
This attack is being carried out by email, it comes from someone who has you in their list of contacts and claims to be a shared Google document. It is not a shared document, it is an app trying to gain access to your docs.
What it does:
Clicking the link takes you to an actual Google page, the link is legit. The problem is, it is not taking you to a Google Document file shared with you, it takes you to the page that authorizes a program or person to access your Gmail, Docs, Drive and contacts and asks for access. If you click without thinking, it grants them access to everything.
Note that:
A. It won't be flagged as fake because it takes you to your actual Google account. This is how shared documents work, they simply reversed it.
B The attack CANNOT be carried out without you authorizing it.
How to protect yourself:
If you happened to click the link in email, but did not click authorize, you are safe, but following below will let you verify that and see what else has access to your documents.
How to fix it if you got hit or just want to verify you are safe:
If you did click the link, and clicked authorize, go into Gmail, then My Account (it's in the 9 dots on top left), then under "Sign In and Security", click "connected apps and sites", then "Manage Apps". In this you will find a list of things authorized to access your Google files and should be in the order they were authorized, so the last one is most likely the one you need to kill and it should be labeled "Google Docs".
