Login to Google Docs

February 19, 2016 – 06:39 pm

Beware of This Dangerously Convincing Google Docs Phishing Scam

A very tricky phishing scam that takes advantage of Google Docs is making its way around the web. And since it uses a google.com URL and even makes use of Google's SSL encryption, it's almost impossible to tell that it's a hack. Your best safeguard, as always, is a little bit of common sense.

This phishing scam starts like many other phishing scams: with an email. The malicious message reportedly arrives with the subject line "Documents" and points to a Google Docs link. Again, it shows up in the address bar as a google.com domain and takes you to a fake log-in page that looks just like the real Google login page. This is how the hackers get you.

"The fake page is actually hosted on Google's servers and is served over SSL, making the page even more convincing, " Symantec security expert Nick Johnston explained in a blog post. "The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive's preview feature to get a publicly accessible URL to include in their messages."

Once you log in through the fake page, you'll even be taken to an actual Google Doc. Your credentials will be sent to PHP script on a compromised server. You may never even know they've been swiped. Unless, of course, you don't fall for the scam in the first place.

To do this just watch out for two things. One, be careful clicking links in emails. If you receive an email from someone you don't know with a subject line like "Documents, " it's probably up to no good. Second, if you show up at the log-in screen, you should notice that it doesn't recognize you as a Google user (if you are a Google user). That's the fake log in page pictured above to the left and a real Google log in page to the right. So if it seems strange that you have to log in again, beware.

Actually, just beware in general. These phishing scams are getting scary sophisticated. We've reached out to Google to see what they're doing to safeguard users from this one. [Symantec via The Hacker News]

Update: Google got back to us and said the problem is fixed. A statement from their press team reads:

Source: gizmodo.com

Google Docs Tutorial

Google Docs Login Tutorial

Google Docs

Genuine Dell FW67Y Latitude E4200, E4300, E4310, E6410, E6510, Precision M4500 M6500 Latitude ON Flash Fast-Boot Module Card Chip Compatible Part Numbers: FW67Y, 0FW67Y, SSDR, 2, USB, HALF, MCARD, UNFL, SMR
PC Accessory (Dell Computers)

Genuine Dell Latitude ON FLASH Module/ Chat and VoIP Chat capabilities supporting ICQ, MSN, Google Talk, AIM, Yahoo Messenger services. / VoIP allows text, voice...
Read Microsoft Office 2, XP, 2, 2003, 2007 and 2010 docs. Also, Adobe PDF 8.1 (requires internet connection) / Edit Microsoft Office 2, XP, 2, 2003 and 2007 documents...
Supports IT pushed upgrades. User policies include Remote delete/wipe data, lock screen (after specified inactivity), force password change, delete accounts, failed...
Supports JAVA, Adobe Flash, Remote Desktop - Citrix, Remote Desktop - VMware, and Remote Desktop - RDP
Dell Part Number: FW67Y 0FW67Y SSDR,2,USB,HALF,MCARD,UNFL,SMR Fast boot in 8-10 seconds / WiFi and LAN 10/100/1 networking capabilities / Secure environment with...