Watch out: New advanced phishing attack targeting Google login credentials

Watch out: New advanced phishing attack targeting Google login credentials
Researchers over at security firm Symantec have come across a new advanced phishing attack aimed at stealing your Google credentials.

The new attack specifically targets Google Docs and Google Drive users. An email will hit your inbox with a subject line of "Documents" or similar, claiming there is an 'important document' stored in Google Docs that you can open by clicking the included link.



By clicking, you are directed to a Google Docs login page where you are required to input your username and password. The page looks just like the official login page Google uses when you have not signed in for an extended period of time.

The attackers have created a folder on Google Drive to host the phishing page, so the address bar does show Google.com, making the phish very clever for unsuspecting victims.

"The fake page is actually hosted on Google's servers and is served over SSL, making the page even more convincing," Symantec security expert Nick Johnston says. "The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive's preview feature to get a publicly accessible URL to include in their messages."

"This page then redirects to a real Google Docs document, making the whole attack very convincing. Google accounts are a valuable target for phishers, as they can be used to access many services including Gmail and Google Play, which can be used to purchase Android applications and content," Johnston concluded.

As always, the best way to avoid such a phish is to always login to anything by going to the site or service yourself and not through a link, no matter where it supposedly has come from.

Written by: Andre Yoskowitz @ 18 Mar 2014 14:03
Tags
Phishing google drive
Advertisement - News comments available below the ad
  • 3 comments
  • ronatola

    ummm...why doesn't Google just delete the shares that Symantec is aware of?

    21.3.2014 19:03 #1

  • cart0181

    Originally posted by ronatola: ummm...why doesn't Google just delete the shares that Symantec is aware of? that was my first thought as well...

    22.3.2014 00:03 #2

  • xboxdvl2

    was it weird this article was published couple of days after i got flash updater virus shorty after loggin into google+.

    ^^ if people are targetting google users then maybe google (or something related to google) is what gave me the virus.

    custom built gaming pc from early 2010,ps2 with 15 games all original,ps3 500gbs with 5 games all original,yamaha amp and 5.1channel surround sound speakers,46inch sony lcd smart tv.

    22.3.2014 17:00 #3

© 2024 AfterDawn Oy

Hosted by
Powered by UpCloud