Trusteer's Amit Klein has investigated the phishing scam

Apr 4, 2014 15:46 GMT  ·  By

There are some phishing scams designed to help cybercriminals in harvesting several types of email account login credentials, including for Yahoo, Google, Windows Live and AOL. These attacks are pretty common, but every once in a while, cybercriminals decide to make some changes.

Trusteer’s Amit Klein has found a new variant of an old phishing scam after receiving a suspicious email from one of his business associates whose enterprise email account was probably compromised.

The email only read, “Hello, Please check the docs I have attached to you.”

When launched, the attachment opens a webpage containing a link on the text “downloaded attached.” Clearly, the attacker’s first language isn’t English, but still, many people might click on the link to download the attachment.

When the link is clicked, victims are taken to a phishing page hosted on what appears to be a compromised website. Here, internauts are asked to select their email provider and enter their login credentials. Users can select Yahoo, AOL, Gmail, Windows Live or “other emails.”

After they enter their credentials on the phishing site, users are directed to a “Server Busy” page and then to the official Google Drive website.

For additional details on this phishing scam, check out Trusteer’s blog. If you’re a victim of the attack, change your passwords immediately and be on the lookout for any suspicious emails that might land in your inbox.