Guard Your Google Login: Clever Google Docs Phishing Scam Spotted
Users are advised to closely inspect Google login pages before typing in their credentials following the discovery of a clever phishing attack campaign hosted on Google’s very own servers.
Symantec researchers were the first to spot the phishing attack, which starts out with an email titled “Documents” inviting the recipient to view an important document stored in Google Docs.
Should the target click on the embedded link, they'll be taken to a fake but convincing Google Docs login page that's hosted on Google's servers and served over SSL.
Screenshot Credit: Symantec
As for how the tricksters got Google to host the URL, Nick Johnston explained on the Symantec blog: “The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive’s preview feature to get a publicly-accessible URL to include in their messages.”
Any login credentials supplied through the fraudulent Google login page are shipped off to another server, and the victim is redirected to a real Google Docs document.
How to Protect Your Google Account
Users can keep their Google account safe by following 2 simple bits of advice:
- Exercise caution when clicking links. Don’t click the Google Docs link if you weren’t expecting a doc to be shared or if you don’t recognize the sender.
- Enable 2-factor authentication on your Google account. You’ll have to enter a unique code (generated via text or Google auth app) every time you log in to your Google account, but it’s a lot better than having your account hijacked.