Wednesday, October 28, 2015

Google Docs Phishing

Google Docs Phishing Campaign.

Gmail users beware: a very convincing, very deceitful phishing scam has been making its way around the Internet. The scam targets Google Docs and Google Drive users with a lookalike login page designed to steal your username and password.

The Google Docs phishing scam is a textbook example: it aims to trick you into handing over sensitive login details, and it does so exceptionally well. The scam starts with an email referring to an “important document” stored on Google Docs. Clicking on the link in this message will take you to what appears to be a Google Docs login page—but it’s not. This fake login page allows scammers to collect your username and password for their own malicious use.
Unfortunately for Gmail users, the page in this case is remarkably convincing—emulating Google’s typical login page. And here’s the clincher: because this scam is hosted on Google’s servers (the scam is, after all, a public folder on Google Drive) it effectively sidesteps one of the more reliable ways to detect a phishing scam. Generally speaking, phishing URLs are one or two characters different from the official website that they’re masquerading as. To top things off, because the scammers were hosting this attack on Google’s servers, the URL is a genuine Google address and so appears to be secure.
This attack on Google Doc users is especially troubling as Google uses a single login across all of their services. If the scammers successfully obtained login credentials for your Google Docs, they’d also be able to access your email, Chrome browsing history (including searches), YouTube account, and perhaps even be able to make purchases through the Google Play store if you’ve previously registered your payment information.
Despite the sophistication of this scam, there’s light at the end of the tunnel. After its discovery earlier this week, Google has successfully removed the phishing pages. They’ve also stated that their “abuse team is working to prevent this kind of spoofing from happening again.”
While this particular attack seems to have been vanquished, phishing scams in general are on the rise. By being aware of how these scams operate, and how to detect them, you’re well on your way to protecting yourself from the Internet’s many bad guys.
Follow the steps below to help avoid falling victim:
  • Double check your URL address. Most of the time, a phishing URL will have some reference to the entity it’s pretending to be, but with some form of variation. For example: www.google.com will take you to Google; www.googl.e3921.com (as an example) will take you to an error page—but it could also take you to a phishing scam website. That being said, do be aware that the scam described above uses a legitimate Google URL and could trick even the most thorough of skeptics.
  • Don’t send banking or login information via email or text. Professional services will never ask you to send sensitive information over email or text messages. They just don’t. At the bare minimum, they’ll ask you to sign into your account on their website (remember to check the URL) in order to address any sensitive information. If you’ve received an email asking for transmittal of financial or login details via email, you’d be wise to delete it.
  • Watch the links. Be wary of clicking on links sent to you over email, text message or social media sites. Most are harmless, but the ones sent to you by someone you don’t know, or a business that you didn’t sign up for, could send you to a malware-infested site.
  • Install comprehensive security software. As always, practice caution, and protect yourself online with comprehensive security services like McAfee LiveSafe. It will help block spam and dangerous email, as well as guard against malware and viruses on your PCs, Macs, smartphones and tablets.
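As an added illustration of the URL check in the first step above (example code written for this page, not from the original post), the Python below flags the two lookalike patterns the post describes, a registrable domain within an edit or two of a brand name and a brand name tucked into a subdomain such as www.googl.e3921.com, and also shows why the campaign above slips past it: a page on a real Google domain is reported as legitimate-domain, which only means the domain is not spoofed. The brand list, the two-label registrable-domain rule and the sample URLs are assumptions of this example.

```python
from urllib.parse import urlsplit

# Constructed allow-list of brand domains to protect (assumption, not from the page).
PROTECTED = {"google.com": "google", "youtube.com": "youtube"}

def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to catch one- or two-character domain variations."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def split_host(host: str):
    """Return (registrable domain, subdomain labels).

    Simplification: the registrable domain is taken as the last two labels.
    Production code should consult the Public Suffix List (e.g. 'co.uk').
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]), labels[:-2]

def classify(url: str, max_dist: int = 2) -> str:
    host = urlsplit(url).hostname or ""
    reg, subs = split_host(host)
    if reg in PROTECTED:
        # Host really is the brand's domain. A page hosted on the brand's own
        # infrastructure (the Drive public folder in this campaign) lands here,
        # so this verdict means "domain not spoofed", not "safe".
        return "legitimate-domain"
    sld = reg.split(".")[0]
    for brand in PROTECTED.values():
        if brand in sld or levenshtein(sld, brand) <= max_dist:
            return "lookalike-domain"          # e.g. g00gle.com, googel.com
        if any(s == brand or levenshtein(s, brand) <= max_dist for s in subs):
            return "brand-in-subdomain"        # e.g. www.googl.e3921.com
    return "no-match"

if __name__ == "__main__":
    for u in ("https://drive.google.com/folderview?id=PLACEHOLDER",
              "http://www.googl.e3921.com/login",
              "https://accounts.google.com.verify-login.example/"):
        print(u, "->", classify(u))
```

The max_dist threshold trades false positives (toggle.com is two edits from google) against missed variants, so tune it against your own allow-list and treat a lookalike verdict as a reason to inspect, not an automatic block.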