Sophisticated Google Drive phishing campaign persists
Posted on 22 May 2014.
Symantec researchers are once again warning about a sophisticated and persistent phishing campaign targeting Google users.

The victims are hit with fake emails sporting a subject line that simply says "Documents" and carry a link to the phishing page.

"This scam is more effective than the millions of phishing messages we see every day because the Google Drive phishing page is actually served over SSL from the legitimate Google Drive service itself," they warn.

The corrupted language names in the bottom right drop-down menu are not enough to alert most users to the spoofed nature of the page, as they will most likely believe that it's simply a bug - if they notice the menu at all.

"This script has the same name (performact.php) that we saw in the original Google Docs and Google Drive phishing scam, suggesting that the same group of attackers (or at least the same phishing kit) is involved," the researchers noted.

The danger is even bigger now than before. "Shortly after we published our original blog post, Google reduced prices for Google Drive significantly which surely increased the number of people at risk. Smartphones are now also being sold with premium Google Drive accounts pre-installed, making Google Drive an even more enticing phishing target," they added.

Users who enter their login credentials in this phishing page will not only have them compromised, but will also be redirected to compromised Brazilian website hosting a Trojan, and possibly get infected with malware, too.


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th