- Majority of threats made since El Paso and Dayton shootings have been made online Thursday 8:00 PM
- Miley Cyrus tweets about cheating allegations and penis cake drama Thursday 6:32 PM
- ‘The Dark Crystal: Age of Resistance’ dazzles with a timely tale Thursday 6:00 PM
- The DOJ emailed a white nationalist blog post to immigration judges Thursday 5:31 PM
- The Amazon rainforest is on fire–and people are using memes to cope Thursday 4:11 PM
- Microsoft contractors listened in on Xbox users Thursday 2:15 PM
- Anti-vaxxer assaults pro-vaccine lawmaker on Facebook Live (updated) Thursday 2:15 PM
- Oreos licked by singer Lewis Capaldi are being auctioned off on eBay Thursday 1:54 PM
- Zach Braff predicted Sean Spicer would be on ‘Dancing With the Stars’ 2 years ago Thursday 1:38 PM
- NYPD sergeant who watched Eric Garner die punished with lost vacation days Thursday 1:27 PM
- Brie Larson haters have a meltdown over a joke about Thor’s hammer Thursday 1:26 PM
- This comedian attempted to make fun of women on Twitter—and it did not go over well Thursday 1:04 PM
- Logan Paul wants to help the Amazon rainforest Thursday 12:36 PM
- Nutaku announces redesign and filters for LGBTQ porn games (updated) Thursday 12:25 PM
- This video of dozens of inflatable mattresses taking off in the wind is perfect Thursday 12:20 PM
Among the most coveted targets of phishing scammers is gaining access to your Gmail account, where you’re probably storing a gold mine’s worth of information. Wednesday’s Google phishing scam gives hackers full control to all your emails and enables them to use your account as a beachhead to target others.
The scheme leverages a legitimate feature that allows other apps to authenticate you through your Google account or gain access to other areas. For instance, Slack uses this feature to allow you to share Google Drive files with another team member. WordPress uses it to enable you to automatically share your posts on your timeline. Other services might use it to allow you to import contacts.
But some applications, like the fake Google Drive app that surfaced Wednesday, will demand full access to your account. (The real Google Drive app doesn’t need your permission to access your account because it’s already part of it.)
This is not the first time that Google app connections were put to ill use. Earlier this year, it was revealed that Unroll.me was using the feature to sell user information to ride-hailing app Uber. Last year, the famous mobile game Pokémon Go was found to accidentally have full access to your Google account (the flaw was later patched).
Unfortunately, a considerable number of users blindly approve app access to their Google accounts without reviewing the requested privileges. Fortunately, you can revoke those privileges. And now’s a good time as any to be worried about who has access to your Gmail account.
How to remove apps from your Google account
A list of all the apps that have access to your account appears. Clicking on each app expands it, providing you with details about what kind of information or features it can access. Be wary of apps that have full access to your account.
To terminate the app’s access to your account, simply click on the Remove button. It’s as simple as that.
Now, go clean up that account of yours.
Ben Dickson is a software engineer and founder of TechTalks. His work has been published by TechCrunch, VentureBeat, the Next Web, PC Magazine, Huffington Post, and Motherboard, among others.