mh2 Posted March 18, 2014 Posted March 18, 2014 This is one of the best scams I've seen so far as it is using Google Docs and I believe the "conversion ratios" are high. In fact, it is using a google URL and an SSL encryption. [ATTACH=CONFIG]1188.vB5-legacyid=2168[/ATTACH] The only way to avoid this phishing is following the Gizmodo advices: To do this just watch out for two things. One, be careful clicking links in emails. If you receive an email from someone you don't know with a subject line like "Documents," it's probably up to no good. Second, if you show up at the log-in screen, you should notice that it doesn't recognize you as a Google user (if you are a Google user). That's the fake log in page pictured above to the left and a real Google log in page to the right. So if it seems strange that you have to log in again, beware. Source Quote Get help with computer problems. Join Free PC Help here Donations are welcome. Read Here
Starbuck Posted March 19, 2014 Posted March 19, 2014 Drive Scam Play-by-Play The scam is initiated by the standard email request to view a shared document on Drive, with a subject line: Documents. Opening the email reveals a link to what is said to be a “very important document.” Clicking on the link leads users to a fake Google log-in page, which is essentially identical to the real one. The fake log-in page is even hosted on Google and contains SSL certification. Users who enter their information and “Sign in” are redirected to an actual Google Doc containing irrelevant information. At the same time, and in the background, the user’s Google log-in credentials are sent to the scammer’s web server. How to Avoid the Drive Scam Delete any unsolicited invitations to share Google Documents. Do not click on links you receive from people you don’t know. Avoid logging in to Google through emailed links; instead, go to the real Google.com and proceed from there. Stop and think: If you use Gmail and are already logged on to your Google Account, you shouldn’t need to log on again to access Drive. Drive Scam Consequences As Google’s actual log-in page makes clear, your log-in credentials provide access to “One Account. All of Google.” That means that users fooled by this recent scam provide attackers with access to everything they do on Google. Gmail, Google+, Google Calendar, Google Play – all of Google indeed. This consequence highlights the problem with using just one service provider, and thus one username and password, for all of one’s online activities. Doing so may make things easier for you, but it also makes things easier for the bad guys. Source: http://blog.emsisoft.com/2014/03/14/alert-google-drive-phishing-scam/?ref=newsbox_ticker140319&utm_source=software&utm_medium=newsbox&utm_content=ticker140319&utm_campaign=newsbox_ticker140319 Quote Member of:UNITE
mh2 Posted March 21, 2014 Author Posted March 21, 2014 Stop and think: If you use Gmail and are already logged on to your Google Account, you shouldn’t need to log on again to access Drive. Yes. Totally right! Now, seems like another scam like this is going with Apple where they setup a phishing page on an ea.com domain: http://news.cnet.com/8301-1009_3-57620607-83/hackers-transform-ea-web-page-into-apple-id-phishing-scheme/ Beware folks! Quote Get help with computer problems. Join Free PC Help here Donations are welcome. Read Here
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.