Symantec is warning users of a phishing scam that takes advantage of Google Docs that is worming its way around the web. And, since it uses a google.com URL, and even uses Google’s SSL encryption, its could fool even wary users.
However, as Gizmodo points out, just playing it safe, and using some common sense will help you avoid problems.
The scam arrives in your inbox with the subject line “Documents,” and points to a Google Docs link. It shows up in your browser’s address bar as a google.com domain, and it takes you to a fake login page that looks like a genuine Google login page. If you enter your Google login credentials here, the phishers have you.
“The fake page is actually hosted on Google’s servers and is served over SSL, making the page even more convincing,” explains Symantec security expert Nick Johnston. “The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive’s preview feature to get a publicly accessible URL to include in their messages.”
Following your login via the fake page, you’re taken to an actual Google Doc, and your login info is sent to a PHP script on a compromised server.
To avoid becoming a victim of this sly scheme, just be wary and use common sense. First, be careful clicking links in emails. Yeah, we all do it, especially if we think we know the links are genuine, but be careful. Also, if you receive an email from someone you don’t know, and the subject line is something like “Documents,” well, that’s suspicious in itself.
Also, if you are taken to what is supposed to be a Google login screen, and you are a Google user, and it doesn’t recognize you as such, AND you have to login with all your credentials, be VERY wary.