Beware: Google Docs Phishing Emails are circulating

Google Docs Phishing Emails are used by cybercriminals and hackers to obtain credentials from unaware Google Docs users. The cybercriminals and hackers send thousands of Google Docs Phishing Emails daily in the hope to gain credentials from valuable targets.

The Google Docs Phishing Emails which target random people can be identified as phishing emails as they do not target a specific range of people or companies. The Google Docs Spear Phishing Emails are the most dangerous ones on the internet, these spear phishing emails are crafted by cybercriminals or hackers to target specific environments or companies.

google docs phishing 2015
google docs phishing 2015

Google Docs Spear Phishing emails

The Google Docs Spear Phishing Emails are often crafted after the cybercriminals and hackers have obtained information through open source intelligence methods. These methods urge the hackers and cybercriminals to take a look at the social media accounts of possible targets and so on. It is for this reason that security professionals urge their clients, brothers and sisters to secure their social media accounts.

spear phishing
spear phishing

McAfee on Google Docs Phishing Email Scams

The McAfee Security company has published a blog post on Google Docs Phishing Email scams, in the blog post they explain that the Google Docs environment has a daily user rate of 425 million active users and that it means that the cybercriminals and hackers have a very big environment to target.

The McAfee Security team has had contact with the Google security team, and from their conversation they had made the following points:

  • Double check your URL address
  • Don’t Send banking or login information via email or text
  • Watch the links
  • Install comprehensive security software

The points above will allow you to add an extra security layer against phishing attacks which might target you or your (working) environment. There is a lot of information which you can find on the McAfee Security blog, the guys from McAfee write security blogs which can be read by all ages, the topics are often explained very well.

Symantec on Google Docs email scams

The Symantec Security blogger Nick Johnston had reported a Google Docs phishing page which was loaded in a SSL protected website, the page loaded the fake Google login page from a specific crafted Google Docs environment which was set to public and they used a fake domain to increase the phishing hit rate. The Symantec blog continues to explain that once the target had provided their credentials to the Google Phishing page, that they would be redirected to the official Google Docs page, making the Phishing attack very convincing and difficult to identify for unaware users. The Symantec blog often provides insight in advanced persistent threats that target companies and government environments. It is a very good resource for security topics.

Sophos on Google Docs phishing emails

The Sophos security blogger Chester Wisniewski had published a report on a Google Docs phishing attack which claimed to be a “Secure Document” which was being sent to the target via Google Docs.

The Google Docs phishing email contained the following text


Be the first to comment

Leave a Reply