Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo

'Confidential Document' Google Docs Phishing Scam


Outline

Email asks the recipient to click a link to view an important confidential document in Google Docs.

Google Docs Phishing
© Depositphotos.com/designsstock

Everstryke offer

Brief Analysis

The message is a scam designed to steal Google Account Login details. The link leads to a fake Google Account login page. Login details submitted on the fake page will be collected by criminals and used to hijack real Google accounts.

Scroll down to read a detailed analysis with references.


Check out Hoax-Slayer's Current Top Five Dumbest Hoaxes


Example

Subject: Confidential Document

Please view the document i uploaded for you using Google docs. Click here just sign in with your email to view the document its very important.

Thank you.


Detailed Analysis

According to this email, an important and confidential document has been uploaded to Google Docs for the recipient to view. The recipient is invited to click a link and sign in with his or her Google account login details in order to read the message.

However, the link does not lead to a Google document, confidential or otherwise. In fact, the message is a rather crude phishing scam designed to trick recipients into revealing their Google account details to Internet criminals. Those who click the link will be taken to a fake Google login page as shown in the following screen shot:

Google Docs Phishing Scam
The login details submitted on the fake form will be collected by criminals and used to hijack Google accounts belonging to victims. Once armed with this information, the criminals will be able to access multiple Google services owned by the victim, including Gmail, Google Drive, Google+, Youtube and others. The criminals can then use these hijacked accounts to pose as their victims and launch ongoing spam and scam attacks. They will also be able to access and misuse private information stored in these services.

Although it is quite an unsophisticated attempt, this scam may nevertheless trick some less experienced or unwary users into complying with instructions and logging in on the fake site. Some may be so curious to see the 'confidential document' that they follow the link without due forethought.

It is always safest to login to any and all of your online accounts by entering the address into your browser's address bar rather than by clicking a link in an email.



Google Docs Phishing Scam

© Depositphotos.com/ maxkabakov


Last updated: March 18, 2013
First published: March 18, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information
Friend Stranded in Foreign Country Scam Emails






Latest Hoax-Slayer Articles