A very tricky phishing cozenage that takes vantage of Google Docsis making its fashion around the web . And since it habituate a google.com URL and even make use of Google ’s SSL encoding , it ’s almost impossible to tell that it ’s a hack . Your best precaution , as always , is a little bit of vulgar sentiency . Note : This post is from 2014 but has been surfaced by Google in light of another scam . If you are look for information about the May 2017 cozenage , please tick here .
https://gizmodo.com/a-huge-and-dangerously-convincing-google-docs-phishin-1794888973
This phishing scam starts like many other phishing scams : with an email . The malicious message reportedly arrives with the capable line “ Documents ” and points to a Google Docs link . Again , it shows up in the address bar as a google.com domain and have you to a phony logarithm - in page that bet just like the real Google login pageboy . This is how the hackers get you .
“ The fake page is actually hosted on Google ’s server and is served over SSL , making the page even more convincing , ” Symantec protection expert Nick Johnstonexplained in a blog post . “ The scammers have plainly created a folder inside a Google Drive report , marked it as public , uploaded a file there , and then used Google Drive ’s preview feature to get a in public accessible URL to let in in their messages . ”
Once you lumber in through the fake page , you ’ll even be lease to an actual Google Doc . Your credentials will be sent to PHP script on a compromised host . You may never even love they ’ve been swiped . Unless , of course , you do n’t fall for the scam in the first place .
To do this just watch out for two things . One , be careful clicking inter-group communication in e-mail . If you experience an e-mail from someone you do n’t know with a capable air like “ Documents , ” it ’s probably up to no good . Second , if you show up at the logarithm - in concealment , you should note that it does n’t recognize you as a Google user ( if you are a Google user ) . That ’s the fake sign in page pictured above to the left and a real Google sign in page to the rightfulness . So if it seems unusual that you have to access again , beware .
really , just mind in worldwide . These phishing scamsare get shuddery sophisticated . We ’ve reached out to Google to see what they ’re doing to safeguard users from this one . [ SymantecviaThe Hacker News ]
https://gizmodo.com/new-netflix-phishing-scam-tricks-you-into-calling-fake-1535268484
Update : Google catch back to us and said the trouble is fixed . A program line from their press squad reads :
We ’ve dispatch the fake pages and our abuse team is working to prevent this kind of burlesque from happening again . If you think you may have accidentally given out your story entropy , pleasereset your countersign .
GoogleGoogle DocsHackers
Daily Newsletter
Get the best tech , skill , and acculturation news in your inbox day by day .
News from the future , delivered to your present .
You May Also Like
