Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Google Drive Email Phishing Scam

Outline
'Urgent' email requests recipients to click a link to view a document that the sender uploaded using Google Cloud Drive.

Phishing

© Depositphotos.com/ weerapat



Brief Analysis
There is no document to be viewed, urgent or otherwise. The email is a phishing scam designed to trick recipients into giving their email login details to Internet criminals.

Bookmark and Share

Example

Hello,

Kindly click the link to view the document I uploaded for you using Google
cloud drive.

[Link removed]

Just Sign in with your email to view the document, it is very important.

Thank you,

--
Rev. Dr. Karen [Surname Removed]
Serving Humanity Spiritually
[Phone number removed]


Good works are links that form a chain of love.

Mother Teresa

Screenshot of phishing website:

Google Drive Phishing Scam



Detailed Analysis
This supposedly urgent email, which purports to be from a 'Rev. Dr.', asks recipients to click a link to view a very important document that has been uploaded to Google Drive. The email instructs users to sign in with their email details to see the document.

However, there is no urgent document waiting for recipients as claimed. Users who fall for the ruse and click the link as instructed will be taken to a bogus website that includes the Google Drive logo along with a login screen that asks for both their email address and email password.

If users submit their email credentials as requested and click the 'View document' button, they will be redirected to Google's Gmail home page.

Meanwhile, however, their email address and password will be sent to online criminals. The criminals can use the stolen details to hijack webmail accounts belonging to victims. Hijacked accounts can be used to perpetrate more scam and spam campaigns, all in the names of the victims.

If victims submitted details for a Gmail account, the scammers may be able to use the same login information to access other Google services as well as email.

Such phishing ploys are very common. Be very wary of any email that asks you to provide your email account login details by clicking a link or opening an attached file.

Bookmark and Share

Last updated: March 25, 2014
First published: March 25, 2014
Written by Brett M. Christensen
About Hoax-Slayer

References
'Confidential Document' Google Docs Phishing Scam
Gmail 'Update Account' Phishing Scam





Go to Mobile Version