Phishing Alert: Secure Document Sent Using Google Docs

The malicious emails purport to come from a financial institution

By Eduard Kovacs on August 29th, 2013 19:01 GMT

Would you click on a link that allegedly points to a “secure document” sent to you by a financial organizations using Google Docs? You probably shouldn’t.

That’s because cybercriminals are currently sending out such emails in an effort to trick users into handing over their login credentials.

The emails analyzed by Sophos experts are titled “Secure Document” and they read something like this:

“Hello,

A Secure Document was sent to you by your financial institute using Google Docs.
Follow the link below to visit Google Docs webpage to view your Document

Follow Here. The Document is said to be important.

Regards.
Happy Emailing,
The Gmail Team”

Users who click on the link are taken to a fake Google website that instructs them to log in to their email account. However, it doesn’t necessarily have to be Gmail. It can also be Outlook, Yahoo, AOL, Comcast, Verizon, or another email account.

This way, the cybercriminals can collect credentials for a wide range of accounts.

It’s important to beware of such phishing emails, even if you don’t have any important information stored in your email account. As Sophos’ Chester Wisniewski highlights, email accounts can often be leveraged to access more important online assets, such as banking accounts.
Phishing website
   Phishing website
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

4 Comments