A phishing scam swept the internet this week, prompting many users to caution each other when opening emails.
The virus in question popped up as an email with the subject line 鈥渄ocuments.鈥� It usually appeared as though it came from a Google.com domain and extended a link to a Google document form but according to Gizmodo, that was not the case.
After clicking on the 鈥渄ocument鈥� link, it took users to a fake login page that looked just like the real Google login page.
The scam used a Google.com URL as well as a Google SSL encryption making the scam that much harder to notice.
Scammers used this method to trick others into putting in their credentials which were then sent to a PHP script on a compromised server.
A symantec security expert explained the situation in a blog, according to Gizmodo. He said 鈥淭he fake page is actually hosted on Google's servers and is served over SSL, making the page even more convincing. The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive's preview feature to get a publicly accessible URL to include in their messages.鈥� Google announced that the issue was resolved on Wednesday afternoon but if you are still worried about being scammed, here is what to do.
SECURITY CHECK UP CENTER
The first suggestion is to not click on links in emails from someone you might not know, especially if the subject line just says 鈥渄ocuments.鈥� Second, if you do show up at the login screen then see if it recognizes you as a Google user. If it does not, then that is a clear sign it is part of a phishing scam.
What to do if you fell for the scam:
Sign in to the affected Google accountVisit Google鈥檚 鈥淪ecurity Checkup鈥� pageGo to the 鈥淎ccount Permissions鈥� sectionLook for 鈥淕oogle Docs鈥� and hit 鈥淩emove鈥�
A phishing scam swept the internet this week, prompting many users to caution each other when opening emails.
The virus in question popped up as an email with the subject line 鈥渄ocuments.鈥� It usually appeared as though it came from a Google.com domain and extended a link to a Google document form that was not the case.
After clicking on the 鈥渄ocument鈥� link, it took users to a fake login page that looked just like the real Google login page.
This content is imported from Facebook.
You may be able to find the same content in another format, or you may be able to find more information, at their web site.
The scam used a Google.com URL as well as a Google SSL encryption making the scam that much harder to notice.
Scammers used this method to trick others into putting in their credentials which were then sent to a PHP script on a compromised server.
A s the situation in a blog, according to Gizmodo. He said 鈥淭he fake page is actually hosted on Google's servers and is served over SSL, making the page even more convincing. The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive's preview feature to get a publicly accessible URL to include in their messages.鈥�
Google announced that the issue was resolved on Wednesday afternoon but if you are still worried about being scammed, here is what to do.
The first suggestion is to not click on links in emails from someone you might not know, especially if the subject line just says 鈥渄ocuments.鈥� Second, if you do show up at the login screen then see if it recognizes you as a Google user. If it does not, then that is a clear sign it is part of a phishing scam.
What to do if you fell for the scam:
- Sign in to the affected Google account
- Visit Google鈥檚 鈥淪ecurity Checkup鈥� page
- Go to the 鈥淎ccount Permissions鈥� section
- Look for 鈥淕oogle Docs鈥� and hit 鈥淩emove鈥�
