Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.
News
News Categories
Symantec: Google Docs Users Targeted by Sophisticated Phishing Scam
By Joy Hou - on 14 Mar 2014, 5:33pm

Symantec: Google Docs Users Targeted by Sophisticated Phishing Scam

In its latest blog entry, Symantec warns of an ongoing intricate scam targeting Google Docs and Google Drive users.

With a simple subject "Documents", the scam gets the recipient to view an important document on Google Docs by clicking on the included link. The link will take you to a seemingly authentic Google Docs login page, which is actually hosted on Google's servers and served over SSL, making the page more credible and trustworthy to users.

Google Docs phishing login page.

As it's very common to be prompted with a login page like this when accessing a Google Docs link, people may enter their credentials without much thought. However, after hitting "Sign in", their credentials are sent to a PHP script on a compromised web server. The page then starts loading a real Google Docs document, further convincing users that the site is legitimate.

Google accounts are a valuable target for phishers, as they can be used to access many services including Gmail and Google Play, which can be used to purchase Android applications and content.


Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.