“Confidential Document” Phishing Scam Leverages Google Docs

Cybercriminals are trying to harvest usernames and passwords from Google accounts

By on March 18th, 2013 19:21 GMT

No wonder Oxford decided to temporarily block Google Docs a few weeks ago. The number of phishing scams that leverage the service is growing by the day.

The latest example is provided by Hoax Slayer. Emails purporting to carry “confidential documents” attempt to trick recipients into clicking on a link.

“Please view the document i uploaded for you using Google docs. Click here just sign in with your email to view the document its very important. Thank you,” the bogus emails read.

Internet users who fall for it and click on the link are taken to a Google phishing page hosted on Google Docs.

To make everything more legitimate looking, victims are told they must log in to their Google accounts in order to gain access to the “online secured document page.”

The usernames and passwords that protect Google accounts are highly valuable for cybercriminals because they can access a wide range of services. In case you’re a victim of this scam, change your password immediately.

If you want to properly protect your Google account, you can enable two-factor authentication.

1 Comment