1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Google Drive Phishing Scam

Discussion in 'Security Updates' started by starbuck, Mar 19, 2014.

  1. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    A new phishing scam is circulating one of the more populated regions of the web: Google Drive File Sharing.

    Drive Scam Play-by-Play
    • The scam is initiated by the standard email request to view a shared document on Drive, with a subject line: Documents.
    • Opening the email reveals a link to what is said to be a “very important document.”
    • Clicking on the link leads users to a fake Google log-in page, which is essentially identical to the real one.
    • The fake log-in page is even hosted on Google and contains SSL certification.

    Users who enter their information and “Sign in” are redirected to an actual Google Doc containing irrelevant information. At the same time, and in the background, the user’s Google log-in credentials are sent to the scammer’s web server.

    How to Avoid the Drive Scam
    • Delete any unsolicited invitations to share Google Documents.
    • Do not click on links you receive from people you don’t know.
    • Avoid logging in to Google through emailed links; instead, go to the real Google.com and proceed from there.
    • Stop and think: If you use Gmail and are already logged on to your Google Account, you shouldn’t need to log on again to access Drive.

    Drive Scam Consequences

    As Google’s actual log-in page makes clear, your log-in credentials provide access to “One Account. All of Google.” That means that users fooled by this recent scam provide attackers with access to everything they do on Google. Gmail, Google+, Google Calendar, Google Play – all of Google indeed. This consequence highlights the problem with using just one service provider, and thus one username and password, for all of one’s online activities. Doing so may make things easier for you, but it also makes things easier for the bad guys.


    Source:
    http://blog.emsisoft.com/2014/03/14...icker140319&utm_campaign=newsbox_ticker140319
     
    starbuck, Mar 19, 2014
    #1

Share This Page