It’s not uncommon to come across phishing emails that point to pages perfectly replicating the legitimate site of the company whose name is involved in the scam. Security experts have found a couple of phishing campaigns that rely on Google Docs to make them look more genuine.
One of the malicious emails targets ANZ Bank customers and because ANZ is one of the largest financial institutions in Australia, many recipients may tend to trust the notification.
“ANZ Bank has a strict policy to ensure that all our customer online banking details are secure and updated regularly,” reads part of the phony email provided by Sophos’ Naked Security blog.
“This is done for your own protection because some of our clients no longer have access to their online banking service due to fraudulent activities suspected by the bank management.”
The link found in the email points to a Google Docs form which requires the victim to provide sensitive information, including full name, email address, customer registration number and password.
Cybercriminals rely on this tactic because this way they don’t have to worry about finding a good free host. With the functions provided by the Google Docs interface, the crooks can design a great interface, automatically generate emails to lure victims, and all the collected data is stored in a spreadsheet that can later be easily accessed.
Furthermore, the google.com URLs use HTTPS, which makes the entire scam look even more legitimate.
Experts warn that even though some of the details included in these phishing schemes give them a certain “aura of legitimacy,” users are advised to look for other details that give away the plot’s true identity.
Bad grammar and spelling, shady sender addresses, and notifications that request private data, usually hint to a malevolent purpose.
The second variant targets the customers of an online portal belonging to a major North American educational institution.