News Categories

Symantec: Google Docs Users Targeted by Sophisticated Phishing Scam

By Joy Hou - on 14 Mar 2014, 5:33pm

Symantec: Google Docs Users Targeted by Sophisticated Phishing Scam

In its latest blog entry, Symantec warns of an ongoing intricate scam targeting Google Docs and Google Drive users.

With a simple subject "Documents", the scam gets the recipient to view an important document on Google Docs by clicking on the included link. The link will take you to a seemingly authentic Google Docs login page, which is actually hosted on Google's servers and served over SSL, making the page more credible and trustworthy to users.

Google Docs phishing login page.

As it's very common to be prompted with a login page like this when accessing a Google Docs link, people may enter their credentials without much thought. However, after hitting "Sign in", their credentials are sent to a PHP script on a compromised web server. The page then starts loading a real Google Docs document, further convincing users that the site is legitimate.

Google accounts are a valuable target for phishers, as they can be used to access many services including Gmail and Google Play, which can be used to purchase Android applications and content.

Join HWZ's Telegram channel here and catch all the latest tech news!
Our articles may contain affiliate links. If you buy through these links, we may earn a small commission.