Google Docs Phishing Scam on the March

By Steve Anderson May 04, 2017

Phishing scams are common these days, mainly because they work so well. Said scams attempt to get access to people's accounts and personal information by posing as something familiar and legitimate. A new phishing scam that emerged recently is built around Google Docs; though it's not the first time such a scam has been set up, it's surprisingly well-done, and might well pull some unsuspecting folks in.

The new phishing scam seems to have targeted journalists in general, starting with reporters from BuzzFeed, Vice, and even Gizmodo Media. While some have reported that the email looks slightly off, it's the kind of thing that only makes for vague suspicions. Those who actually click through to the link in question, meanwhile, arrive at a login screen that likewise looks nearly indistinguishable from a standard Google Docs operation.

Those who carry on from there find that this phishing scam manages to imitate real life very well indeed, with an authentic-looking Google.com URL, a link to Google Docs that seems to mesh, and even the ability to choose the account desired to view the document from. A couple points seem to give away the notion that this is a scam, however, as the email seems to be addressed to a string of h's, looking like this: “hhhhhhhhhhhhhh.”  No one's sure just who's behind this particular effort to land free credentials, but many are waiting to hear from Google proper about this new development.

The phishing scam is a bit more insidious than common scams; it's not specifically going after a credit card or something like that, but rather, it's going after account credentials. It could be an espionage effort; perhaps some media outlet is eager to gain an edge by seeing what's coming out on a competitor's website. Maybe it's even a particularly avid reader trying to get a glimpse at tomorrow's news today.

At any rate, it may be a good idea to ignore any Google Docs links that come up for a while, particularly for those in the media.  That's a temporary solution, but one that may work out well; most scammers don't stick to a scheme that doesn't work, which is why ransomware is still a big problem. Google actually responded to this point, noting that those who receive it should report it as phishing within Gmail itself.

Paying particular attention to incoming email may be especially helpful here, as well as working in places other than Google Docs that are a little too specialized to be readily cracked. A few such precautions and much of the threat here may be nullified. Sometimes, that's the best you can do.




Edited by Alicia Young

Contributing Writer

SHARE THIS ARTICLE
Related Articles

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More

Putting the Flow into Workflow, Paessler and Briefery Help Businesses Operate Better

By: Cynthia S. Artin    9/14/2018

The digital transformation of business is generating a lot of value, through more automation, more intelligence, and ultimately more efficiency.

Read More

From Mainframe to Open Frameworks, Linux Foundation Fuels Up with Rocket Software

By: Special Guest    9/6/2018

Last week, at the Open Source Summit, hosted by The Linux Foundation, the Open Mainframe Project gave birth to Zowe, introduced a new open source soft…

Read More

Unified Office Takes a Trip to the Dentist Office

By: Cynthia S. Artin    9/6/2018

Not many of us love going to see the dentist, and one company working across unified voice, productivity and even IoT systems is out to make the exper…

Read More

AIOps Outfit Moogsoft Launches Observe

By: Paula Bernier    8/30/2018

Moogsoft Observe advances the capabilities of AIOps to help IT teams better manage their services and applications in the face of a massive proliferat…

Read More