Beware of Google Drive Scam

Beware of Google Drive Scam

by Dan Vlasic on 20 March 2014 · 1701 views

1 large Beware of Google Drive Scam

Question – do you always read the URL’s domain name when you get a seemingly legitimate Google notification? Would you expect a Google notification to be a phishing scam? Usually, if you do, you will be able to tell Google notification from a scam by reading the domain name in the browser address bar where a scam will redirect to a non-Google address. However, that is no longer a functional approach because a sophisticated scammer has managed to create a method of stealing your Google login information using Google’s own servers, picture that.

Symantec, a Sunnyvale, California-based security company has recently discovered a phishing attempt using this pattern and posted about the incident on its blog. The scheme comes in the form of an email with the title “Documents,” and prompts its recipients to click on the link embedded in the message to see an important notification waiting for them in their Google Drive.

As you click the link it takes you to a login page hosted on the Google URL and complete with SSL authentication, Secure Sockets Layer. The login page is absolutely identical to that of a Google website, welcoming you to sign in for “One account. All of Google.” If you choose to log in through that page, you will be presented with a Google Drive document containing nothing of great value.

Clearly, the document is not important at all; the important thing here is that the scammers now have your login credentials to your Google account. From there, they can access your Google Drive files, private emails and the worst of all is the payment information for Google Play apps and games.

The saddest part is the trick works because there is no way users can identify the scam – the document is really hosted on Google Drive. Multiply that by the identical to the Google's log in page, and you will get a perfect scam capable of fooling even technically savvy users into submitting their login and password details, not to mention those unaware of the diversity of scam methods.

Nevertheless, paranoid users will be able to spot several red flags in this otherwise immaculate scam. First, the initial email does not come from official Google email address, even though the display name indicates an authentic Google address. Second, clicking on links in emails is usually a very bad and dangerous practice, although in this case, you wouldn't even suspect a scam because the document is hosted on a legitimate Google Drive server, a verified Google page. Third, if you receive an email like this in your Gmail, why would you have to log into your Google Drive? You should be able to see your GoogleDrive automatically since you are already logged in your Google account.

Normally whenever you get the mail message supposedly coming from such a huge organization as Google, it might be a good idea to check the content of the email on the company’s official website, or Twitter feed because Google usually posts updates about changing policy practices or terms of service on its website and Twitter feed, informing millions of its users on a grand scale.

If you have fallen victim for this phishing scam, make sure you change your password and security question as soon as possible, and consider enabling two-step authentication for your Google account. Did you read our Comprehensive Guide to Secure Passwords article yet?

Comments (0)
Featured Articles