A phishing scam swept the internet this week, prompting many users to caution each other when opening emails.
The virus in question popped up as an email with the subject line “documents.” It usually appeared as though it came from a Google.com domain and extended a link to a Google document form but according to Gizmodo, that was not the case.
After clicking on the “document” link, it took users to a fake login page that looked just like the real Google login page.
The scam used a Google.com URL as well as a Google SSL encryption making the scam that much harder to notice.
Scammers used this method to trick others into putting in their credentials which were then sent to a PHP script on a compromised server.
A symantec security expert explained the situation in a blog, according to Gizmodo. He said “The fake page is actually hosted on Google's servers and is served over SSL, making the page even more convincing. The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive's preview feature to get a publicly accessible URL to include in their messages.” Google announced that the issue was resolved on Wednesday afternoon but if you are still worried about being scammed, here is what to do.
SECURITY CHECK UP CENTER
The first suggestion is to not click on links in emails from someone you might not know, especially if the subject line just says “documents.” Second, if you do show up at the login screen then see if it recognizes you as a Google user. If it does not, then that is a clear sign it is part of a phishing scam.
What to do if you fell for the scam:
Sign in to the affected Google accountVisit Google’s “Security Checkup” pageGo to the “Account Permissions” sectionLook for “Google Docs” and hit “Remove”
A phishing scam swept the internet this week, prompting many users to caution each other when opening emails.
The virus in question popped up as an email with the subject line “documents.” It usually appeared as though it came from a Google.com domain and extended a link to a Google document form that was not the case.
After clicking on the “document” link, it took users to a fake login page that looked just like the real Google login page.
This content is imported from Facebook.
You may be able to find the same content in another format, or you may be able to find more information, at their web site.
The scam used a Google.com URL as well as a Google SSL encryption making the scam that much harder to notice.
Scammers used this method to trick others into putting in their credentials which were then sent to a PHP script on a compromised server.
A s the situation in a blog, according to Gizmodo. He said “The fake page is actually hosted on Google's servers and is served over SSL, making the page even more convincing. The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive's preview feature to get a publicly accessible URL to include in their messages.”
Google announced that the issue was resolved on Wednesday afternoon but if you are still worried about being scammed, here is what to do.
The first suggestion is to not click on links in emails from someone you might not know, especially if the subject line just says “documents.” Second, if you do show up at the login screen then see if it recognizes you as a Google user. If it does not, then that is a clear sign it is part of a phishing scam.
What to do if you fell for the scam:
- Sign in to the affected Google account
- Visit Google’s “Security Checkup” page
- Go to the “Account Permissions” section
- Look for “Google Docs” and hit “Remove”
