A new phishing scam is going around that is posing as a reputable Goggle application. The application in question is Google Docs and while the application is perfectly safe, the link that people are getting to sign into the application is not safe. A phishing scam typically involves a person receiving a fraudulent email message that appears to come from a legitimate enterprise, such as a bank or internet provider, that directs the person to a spoofed website, which is a fake website that is meant to look like a legitimate website, so that the person can be tricked into providing their personal information. People in this scam received an email inviting them to open what appears to be a Google Doc, but the email contained a link to the fake Google Docs website, which some people mistook for being the legitimate Google Docs website and signed in. Google provided the following statement in response to the phishing scam,
We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again.
It is not yet known what the intent of the person or group that is behind this phishing scam is. The scam took advantage of technology that Google allows any website to use that permits people to log into a website using their Google username and password. The websites can then gain access to information that people have stored with Google. It is important for people to be cautious of any emails that are sent to them that are from unknown senders.
Read the full article here