Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 151 - April, 2013 (1st Edition) - Page 23

'Confidential Document' Google Docs Phishing Scam

Issue 151 Start Menu

Previous Article

Outline
Email asks the recipient to click a link to view an important confidential document in Google Docs.

Google Docs Phishing

© Depositphotos.com/designsstock



Brief Analysis
The message is a scam designed to steal Google Account Login details. The link leads to a fake Google Account login page. Login details submitted on the fake page will be collected by criminals and used to hijack real Google accounts.

Bookmark and Share
Example
Subject: Confidential Document

Please view the document i uploaded for you using Google docs. Click here just sign in with your email to view the document its very important.

Thank you.


Detailed Analysis
According to this email, an important and confidential document has been uploaded to Google Docs for the recipient to view. The recipient is invited to click a link and sign in with his or her Google account login details in order to read the message.

However, the link does not lead to a Google document, confidential or otherwise. In fact, the message is a rather crude phishing scam designed to trick recipients into revealing their Google account details to Internet criminals. Those who click the link will be taken to a fake Google login page as shown in the following screen shot:




Google Docs Phishing Scam
The login details submitted on the fake form will be collected by criminals and used to hijack Google accounts belonging to victims. Once armed with this information, the criminals will be able to access multiple Google services owned by the victim, including Gmail, Google Drive, Google+, Youtube and others. The criminals can then use these hijacked accounts to pose as their victims and launch ongoing spam and scam attacks. They will also be able to access and misuse private information stored in these services.

Although it is quite an unsophisticated attempt, this scam may nevertheless trick some less experienced or unwary users into complying with instructions and logging in on the fake site. Some may be so curious to see the "confidential document" that they follow the link without due forethought.

It is always safest to login to any and all of your online accounts by entering the address into your browser's address bar rather than by clicking a link in an email.

Bookmark and Share

Last updated: March 18, 2013
First published: March 18, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information
Friend Stranded in Foreign Country Scam Emails



Previous Article

Issue 151 Start Menu

Pages in this issue:
  1. Viral Facebook Message Falsely Claims that a Pictured Man is Posing as an RSPCA Officer and Stealing Dogs
  2. 'Bad Brit' - Nigel Farage and the Tory Party's Worst Nightmare
  3. Digital Pad ATM Skimming Device Warning
  4. UK National Lottery Scams
  5. Gun Owner Vehicle Tagging Hoax
  6. Carol's Story - Dating Scam
  7. Message Calls For Boycott of Starbucks For Its 'Attack on Traditional Marriage'
  8. Ransomware Warning
  9. Use Left Ear For Mobile Phone Hoax
  10. Bogus Warning - White Transit Van 'RH57 WSU' Trying To Steal Dogs
  11. Urban Legend - Couple Arrested at Airport with Dead Baby Stuffed With Drugs
  12. ACH Processing Service Malware Email
  13. Baby With Bong Protest Message
  14. Linda Singh - Blackberry Money for Forwarding Hoax
  15. Hoax - 'Punjab Rape Festival'
  16. Beware - 'Unsealed' Product Giveaways on Facebook
  17. DHL Notification Malware Email
  18. Fake CNN Emails About Pope Point to Malware
  19. Angolan Witch Spider - Giant Spider Hoax
  20. Bogus Health Warning - Scratch Card 'Silver Nitro Oxide' Coating Causes Skin Cancer
  21. March 2013 - Five Fridays, Five Saturdays, Five Sundays
  22. Australian Tax Refund Scam Email
  23. 'Confidential Document' Google Docs Phishing Scam