Compromised WordPress website hosts the fraudulent page

Nov 4, 2014 02:43 GMT

Seeking to steal Google Account credentials, cybercriminals devise all sorts of schemes, and one of the latest is to send unsuspecting users a link that claims to lead to an item shared via Google Drive.

Users should have their alarm bells ringing loudly if the sender is not known and the URL opens a page that asks for any type of credentials.

The first thing to do is take a gander at the address bar and determine whether the address matches the service that is about to be accessed; in the case of scams it will definitely be different and the connection will be insecure.
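The address-bar check described above, written out as an added example that is not part of the original article. The allowlist of expected hosts and the sample links are assumptions constructed for illustration.

```javascript
// Assumed allowlist for this demo; not an official or complete list of Google hosts.
const EXPECTED_HOSTS = new Set(["accounts.google.com", "drive.google.com"]);

// Returns { ok, reasons } for a link that claims to open a Google Drive item.
function checkSharedLink(raw) {
  let url;
  try {
    url = new URL(raw); // the WHATWG URL parser, as used by browsers
  } catch {
    return { ok: false, reasons: ["not a valid absolute URL"] };
  }
  const reasons = [];
  if (url.protocol !== "https:") reasons.push("connection is not HTTPS");
  // Anything before '@' is userinfo, not the host, however familiar it looks.
  if (url.username || url.password) reasons.push("URL carries userinfo before the host");
  // Compare the whole hostname: a substring match would also accept a brand
  // name used as a subdomain label or placed in the path.
  const host = url.hostname.replace(/\.$/, "");
  if (!EXPECTED_HOSTS.has(host)) reasons.push(`host ${host} is not an expected Google host`);
  return { ok: reasons.length === 0, reasons };
}

// Constructed sample links; the example.org names are placeholders, not from the report.
const SAMPLES = [
  "https://accounts.google.com/",
  "http://blog.example.org/wp-content/drive/login.html",
  "https://accounts.google.com@blog.example.org/login",
  "https://accounts.google.com.blog.example.org/login",
];
for (const s of SAMPLES) {
  const r = checkSharedLink(s);
  console.log(r.ok ? "OK  " : "FLAG", s, r.reasons.join("; "));
}
```

Only the first sample passes; the others are flagged because the parsed hostname, not the visible text of the link, decides the result.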

A sample of the email claiming to share a file through Google Drive has been caught by MillerSmiles. The subject line of the message is “Guillermo Kuri shared an item with you on (Google drive),” but the name of the apparent sender could be replaced with any other.

The phishing page the link in the email points to seems to be hosted on a compromised website running version 3.9 of WordPress; the website publishing platform is currently at version 4.0. At the moment, the page has been removed from the server.