Google Docs Phishing Scam on the March

By Steve Anderson May 04, 2017

Phishing scams are common these days, mainly because they work so well. Said scams attempt to get access to people's accounts and personal information by posing as something familiar and legitimate. A new phishing scam that emerged recently is built around Google Docs; though it's not the first time such a scam has been set up, it's surprisingly well-done, and might well pull some unsuspecting folks in.

The new phishing scam seems to have targeted journalists in general, starting with reporters from BuzzFeed, Vice, and even Gizmodo Media. While some have reported that the email looks slightly off, it's the kind of thing that only makes for vague suspicions. Those who actually click through to the link in question, meanwhile, arrive at a login screen that likewise looks nearly indistinguishable from a standard Google Docs operation.

Those who carry on from there find that this phishing scam manages to imitate real life very well indeed, with an authentic-looking Google.com URL, a link to Google Docs that seems to mesh, and even the ability to choose the account desired to view the document from. A couple points seem to give away the notion that this is a scam, however, as the email seems to be addressed to a string of h's, looking like this: “hhhhhhhhhhhhhh.”  No one's sure just who's behind this particular effort to land free credentials, but many are waiting to hear from Google proper about this new development.

The phishing scam is a bit more insidious than common scams; it's not specifically going after a credit card or something like that, but rather, it's going after account credentials. It could be an espionage effort; perhaps some media outlet is eager to gain an edge by seeing what's coming out on a competitor's website. Maybe it's even a particularly avid reader trying to get a glimpse at tomorrow's news today.

At any rate, it may be a good idea to ignore any Google Docs links that come up for a while, particularly for those in the media.  That's a temporary solution, but one that may work out well; most scammers don't stick to a scheme that doesn't work, which is why ransomware is still a big problem. Google actually responded to this point, noting that those who receive it should report it as phishing within Gmail itself.

Paying particular attention to incoming email may be especially helpful here, as well as working in places other than Google Docs that are a little too specialized to be readily cracked. A few such precautions and much of the threat here may be nullified. Sometimes, that's the best you can do.




Edited by Alicia Young

Contributing Writer

SHARE THIS ARTICLE
Related Articles

Four Reasons to Reach for the Cloud after World Earth Day

By: Special Guest    4/23/2018

The World Earth Day agenda offers a chance to flip the rationale for cloud adoption and highlight environmental benefits that the technology brings pr…

Read More

Bloomberg BETA: Models Are Key to Machine Intelligence

By: Paula Bernier    4/19/2018

James Cham, partner at seed fund Bloomberg BETA, was at Cisco Collaboration Summit today talking about the importance of models to the future of machi…

Read More

Get Smart About Influencer Attribution in a Blockchain World

By: Maurice Nagle    4/16/2018

The retail value chain is in for a blockchain-enabled overhaul, with smarter relationships, delivering enhanced transparency across an environment of …

Read More

Facebook Flip-Flopping on GDPR

By: Maurice Nagle    4/12/2018

With GDPR on the horizon, Zuckerberg in Congress testifying and Facebook users questioning loyalty, change is coming. What that change will look like,…

Read More

The Next Phase of Flash Storage and the Mid-Sized Business

By: Joanna Fanuko    4/11/2018

Organizations amass profuse amounts of data these days, ranging from website traffic metrics to online customer surveys. Collectively, AI, IoT and eve…

Read More