Thursday, March 28, 2024
Search
  
Friday, March 14, 2014
 Google Docs Users Targeted by Phishing Scam
You are sending an email that contains the article
and a private message for your recipient(s).
Your Name:
Your e-mail: * Required!
Recipient (e-mail): *
Subject: *
Introductory Message:
HTML/Text
(Photo: Yes/No)
(At the moment, only Text is allowed...)
 
Message Text: Symantec has recently disclosed a sophisticated scam targeting Google Docs and Google Drive users.

The security firm says that the scam uses a simple subject of "Documents" and urges the recipient to view an important document on Google Docs by clicking on the included link.The link doesn't go to Google Docs, but it does go to Google, where a convincing fake Google Docs login page is shown -- similar to the one used across Google's services.

It is very impressive that the fake page is actually hosted on Google's servers and is served over SSL, making the page even more convincing.

Synantec says that the scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive's preview feature to get a publicly-accessible URL to include in their messages

After pressing "Sign in", the user’s credentials are sent to a PHP script on a compromised web server.

This page then redirects to a real Google Docs document, making the whole attack very convincing.


 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2024 - All rights reserved -
Privacy policy - Contact Us .