Skip to main content

Google Docs Exploited in Gmail De-activation Phishing Scam

Phishing mails asking users to enter their account username and password for “verification” in order to avoid dire consequences is all too common. As anyone who knows the basic anti-phishing procedures will tell you, one of the primary things to look out for is the domain where the verification page takes you to. In all phishing attempts, this is always hosted on an outside site.

But in a recent phishing scam brought to light by security firm Sophos, phishers are attempting to overcome this precaution by using Google Docs to host their phishing forms.

Here's what the message looks like:

google-docs-phishing

Subject: De-Activation Alert!

Dear Gmail Account User,

Due to the congestion in our Gmail database, We will be shutting down all unused accounts before on the 30th of June. You will have to re-confirm your account as soon as possible to enable us upgrade your account before the deadline date.

To confirm your account kindly fill the account verification form.

After Following the instructions in the sheet, your account will not be interrupted and will continue as normal. Thanks for your attention to this request.
[LINK]

We apologize for any inconvenience.
Thanks & Regards,
Engineer.J.Williams
Upgrade Team Controller

If you pay close attention, there are already a few instances that should send your warning bells ringing, such as the improper capitalization of “Following” and grammatical mistake in the phrase “before on the 30th of June”. Even “Upgrade Team Controller” doesn’t sound quite right.

Assuming you missed those signs, there is still the URL to verify whether the email is legitimate. But as the link does point to a webpage hosted somewhere on Google.com, some computer users may believe that the form they are being directed to must be genuine. However, it is actually pointing to a spreadsheet on Google Docs that anybody can create.

By using Google Docs to host their form, phishers are hoping that potential victims will believe it's a genuine Google resource as it is hosted at an authentic Google URL.

As always, users shouldn't forget that no organization, be it Google or your bank, ever asks users to verify their accounts by giving them their passwords. If you receive such email you should ignore it.

[via Search Engine Journal]

Labels:

Comments

Post a Comment

Popular posts from this blog

How to Schedule Changes to Your Facebook Page Cover Photo

Facebook’s current layout, the so called Timeline, features a prominent, large cover photo that some people are using in a lot of different creative ways. Timeline is also available for Facebook Pages that people can use to promote their website or business or event. Although you can change the cover photo as often as you like, it’s meant to be static – something which you design and leave it for at least a few weeks or months like a redesigned website. However, there are times when you may want to change the cover photo frequently and periodically to match event dates or some special promotion that you are running or plan to run. So, here is how you can do that.
1 comment
Read more

69 alternatives to the default Facebook profile picture

If you have changed the default Facebook profile picture and uploaded your own, it’s fine. But if not, then why not replace that boring picture of the guy with a wisp of hair sticking out of his head with something different and funny?
332 comments
Read more

How to Record CPU and Memory Usage Over Time in Windows?

Whenever the computer is lagging or some application is taking too long to respond, we usually fire up task manager and look under the Performance tab or under Processes to check on processor utilization or the amount of free memory available. The task manager is ideal for real-time analysis of CPU and memory utilization. It even displays a short history of CPU utilization in the form of a graph. You get a small time-window, about 30 seconds or so, depending on how large the viewing area is.
17 comments
Read more