Head’s up to all Google users (Google Drive, Gmail, Google +, etc.) out there. There is a new phishing scam wreaking havoc on the web, and unlike other phishing scams, this one is really tricky.
How it Works
You see, this scam will get to you in the form of an e-mail with the subject line “Documents” while the body of the e-mail points to a Google Docs link. You will actually be taken to a Google login page that looks legitimate. Because it makes use of a PHP script hiding deceptively in a Google Drive document, you have practically just handed hackers your Google login credentials just by clicking on the link.
Since the fake login page is hosted on Google’s servers and is served over SSL, you wouldn’t think it to be a phishing expedition, especially since your browser’s address bar will show “google.com”. If you’re not meticulous enough and are content with surface-level inspection, then you might fall victim to this scam.
Once the scammers and hackers get a hold of your Google login information, everything store in your accounts is compromised. Some people from the security firm Symantec actually discovered this devious scheme, and fortunately, they decided to make their discovery public to alert all of us.
Here’s a link to the entire report for your reference: http://gizmodo.com/beware-of-this-dangerously-convincing-google-docs-phish-1546278702.
Posted by Colleen D Lane on