You can usually tell a real Google notification from a scam by reading the URL’s domain name, and a message that redirects you to a non-Google address is sure to be a scam. Recently, a sophisticated phisher has come up with a way of taking Google login information by using the company’s own servers against it.
Sunnyvale, Calif.-based security firm Symantec found the phishing attempt and reported the incident on its blog. The scam comes in an email titled “Documents” and tries to get you to click on an included link to check out an important message on Google Drive.
This link leads to a login page hosted on a legitimate Google URL, complete with Secure Sockets Layer (SSL) authentication. The login prompt is identical to that of a real Google site, inviting you to sign in for “One account. All of Google.” Those who log in get access to a Google Drive document that says nothing of great importance.
The document isn't the point, of course, the point is that the phishers now have access to your Google account. This gives them access to Google Drive documents, private email, and possibly the worst is payment information for Google Play.
The trick works because the luring document is actually hosted on Google Drive. Combined with the deceiving login page, this trick could theoretically fool the tech savvy as well as the uninformed.A cautious person would spot a few red flags in this bold scam. First of all, the email itself does not come from an official Google email address, even if its preferred display name indicates otherwise. Clicking on links embedded in emails is also generally a bad practice, although in this case, even copying and pasting it would still bring you to a “verified” Google page. A company usually won't institute policy changes without informing you on a grand scale.
Don’t feel too bad if you got tricked by this one, but change your password as soon as possible, and consider two-step authentication for your Google account.
Contact us for a free network evaluation and see how we can be your IT solution.