The scam targets AOL, Google, Microsoft and Yahoo customers

Mar 15, 2013 20:21 GMT

Experts warn users to be on the lookout for emails entitled “RE: Urgent Order” which inform recipients about a product request. The malicious notifications are designed to trick internauts into handing over their email account usernames and passwords.

The emails, spotted by MX Lab, read something like this:

“We understand there might be a little difficulty in opening the file which was attached for the product sample which is why we have decided to open a Google document account. Please this product is needed urgently and we are ready to transfer all payment as soon as agreement is reach between the two parties.

Please visit our google document page to view the product below. You will be required to sign in to view it, if you do not have a Google or Yahoo account you can choose ‘Other Email’ to sign in and view it. You can call or email us as soon as possible. Also you can either click or copy the link to a URL.”

It’s worth noting that the message might be confusing for most users, but for the employees of companies that sell products online it might make sense.

When victims click on the link, they’re taken to a legitimate Google Docs document. This technique is most likely used to avoid spam filters.

However, unlike other similar scams, the phishing page is not hosted on Google Docs. Instead, the document only contains a link to a shady website.

On this site, victims are asked to select their email provider (Google, Yahoo, AOL, Windows Live or “other”) and enter their usernames and passwords. Once the information is handed over, the user is directed to another Google document that shows the so-called order.

Take a good look at the email and the phishing pages. If you come across something like this, be sure to avoid it. If you're already a victim, change your password, or all of your passwords if you use the same one for more than one account.
