Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 176 - April, 2014 (2nd Edition) - Page 9

PHISHING SCAM - 'Click to Read Vital Newsletter'

Issue 176 Start Menu

Previous Article            Next Article

Outline
Email claims that the sender has uploaded a vital newsletter using Google Docs and requests that recipients click a link to gain immediate access by signing in with their email address details.

Vital Newsletter Phishing Scam


Brief Analysis
The email is a phishing scam designed to trick users into giving criminals access to their email accounts and, possibly, other online services. There is no newsletter, vital or otherwise.

Bookmark and Share

Example

Subject: VITAL NEWSLETTER
Hello,
I uploaded this vital newsletter using my google doc. For immediate access CLICK HERE

Sign in with your email.



Detailed Analysis
According to this email, the unidentified sender has uploaded a 'vital newsletter' to Google Docs. Recipients are instructed to click a link in the message to get immediate access to the supposed newsletter.

However, the link does not lead to a newsletter in Google Docs as claimed. In fact, the message is a phishing scam designed to fool recipients into giving their email account login details to online criminals.

Those taken in by the trick will find that clicking the link takes them to a website where they are supposedly required to login with their email details to view the document. Users must choose their email account provider by clicking the appropriate graphic on the bogus website. When they click on the graphic, a new window will pop up that asks for their email address and password:

Vital Newsletter Phishing Scam

After they click the 'Sign In' button, users will then be presented with a spinning 'please wait' notification until being informed that the server is too busy and they should try again later. They will then be automatically redirected to the Google Docs homepage.

The 'server too busy' ruse is apparently designed to provide a reason why users have not been taken to the 'vital newsletter' as promised. Thus, at this point, users may still not realize that they have just been phished.

Meanwhile, the criminals can use the stolen login details to hijack the compromised email accounts and use them to perpetrate further scam attacks, all in the names of the victims. And, since Google and other service providers may use the same login details for multiple services, the criminals may be able to access a lot more than just email.

This type of email phishing is very common and has many incarnations. Be very wary of any unsolicited message that claims that you need to click a link and provide your email account and password to view an 'important' message.

Bookmark and Share

Last updated: April 9, 2014
First published: April 9, 2014
Written by Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information
'Confidential Document' Google Docs Phishing Scam
Google Drive Email Phishing Scam



Previous Article            Next Article

Issue 176 Start Menu

Pages in this issue:
  1. SCAM - 'Mermaid Found Inside Shark Video'
  2. HOAX - '15 foot Eastern Brown Snake Found Near Caloundra Golf Course'
  3. Facebook Limiting Posts Warning - 'This is a Test'
  4. SCAM -'R.I.P. Dwayne Johnson' - The Rock is NOT Dead
  5. NONSENSE - 'All Americans Microchipped by 2017'
  6. SCAM - 'Devil's Pool Fall Epic Selfie Video'
  7. Heartbleed Bug - Users Warned to Change All Passwords
  8. HOAX - 'Justin Bieber Admits To Being Bi-Sexual'
  9. PHISHING SCAM - 'Click to Read Vital Newsletter'
  10. RingCentral 'New Fax Message' Malware Email
  11. LIKE-FARMING SCAM - 'Wife Pregnant for 13 Months Needs Prayers'
  12. 'New Voicemail' Pharmacy Spam Email
  13. HOAX: '2 Suns In The Sky On April 21st - Star Meccyroid'
  14. Facebook Promotion, Lottery and Award Scams
  15. April Fools Joke - 'United States to Ban Raw Meat Sales'
  16. iTunes Purchase Receipt Phishing Scam
  17. Dwayne Johnson is NOT Dead
  18. Nails in Cheese Dog Park Warning Message
  19. Product Order Request Money Laundering Emails
  20. Capitec 'Routine Maintenance' Phishing Scam
  21. MALWARE - 'Confidential - ALL Employees Important Document'
  22. SCAM - 'Flight MH370 Found in Indian Ocean Shocking Video'
  23. Lamborghini Giveaway Facebook Like-Farming Scam
  24. Barclays 'Detected Irregular Activity' Phishing Scam
  25. MALWARE - 'Traffic Accident With Your Car' Email
  26. HOAX - 'British Scientists Clone Dinosaur'
  27. Facebook Sick Child Hoax - 'Help Boy with Massive Tumour by Liking, Sharing and Commenting'