Symantec: Google Docs Users Targeted by Sophisticated Phishing Scam

Symantec: Google Docs Users Targeted by Sophisticated Phishing Scam

In its latest blog entry, Symantec warns of an ongoing intricate scam targeting Google Docs and Google Drive users.

With a simple subject "Documents", the scam gets the recipient to view an important document on Google Docs by clicking on the included link. The link will take you to a seemingly authentic Google Docs login page, which is actually hosted on Google's servers and served over SSL, making the page more credible and trustworthy to users.

Google Docs phishing login page.

As it's very common to be prompted with a login page like this when accessing a Google Docs link, people may enter their credentials without much thought. However, after hitting "Sign in", their credentials are sent to a PHP script on a compromised web server. The page then starts loading a real Google Docs document, further convincing users that the site is legitimate.

Google accounts are a valuable target for phishers, as they can be used to access many services including Gmail and Google Play, which can be used to purchase Android applications and content.

All News Categories

News for Past 12 Months

Subscribe to HWZ Here!

Subscribe now to receive latest tech news, articles and promotions straight to your inbox!
By signing up, you indicate that you have read and agreed to the and .

Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.