SECURITY FIRM Symantec has warned of a sophisticated scam targeting Google Docs and Google Drive users.
The scam targets users via a Google Docs login prompt window that will look familiar to many Google users, said the firm.
"We see millions of phishing messages every day, but recently, one stood out," Symantec security expert Nick Johnston warned in a blog post. "The scam uses a simple subject of 'Documents' and urges the recipient to view an important document on Google Docs by clicking on the included link."
The link is, of course, malicious and sends users to a convincing fake Google Docs login page that prompts them to enter their details.
"The fake page is actually hosted on Google's servers and is served over SSL, making the page even more convincing," Johnston explained. "The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive's preview feature to get a publicly accessible URL to include in their messages."
As it's quite common to be prompted with a login page like this when accessing a Google Docs link, Symantec said that many people will happily enter their login credentials without a second thought.
After the user clicks "Sign in" on the fake login page, their credentials are apparently sent to a PHP script on a compromised web server.
"This page then redirects to a real Google Docs document, making the whole attack very convincing," Johnston's blog post continued. "Google accounts are a valuable target for phishers, as they can be used to access many services including Gmail and Google Play, which can be used to purchase Android applications and content."
To ensure that you're protected against such scams, take extra precautions when logging into Google Drive and, basically, don't click on any links you receive in unsolicited emails.
"Users should be wary of clicking on links in email messages, and of any form requesting your personal details," Johnston told The INQUIRER in an emailed statement. "For Google services specifically, consider using their two-factor authentication service which supplements passwords with a dynamically changing number accessed either via an app on your smartphone or by text message."