Threat Level: green Handler on Duty: Daniel Wesemann

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Google Drive Phishing

Published: 2013-11-13
Last Updated: 2013-11-14 17:03:42 UTC
by Mark Hofman (Version: 1)
4 comment(s)

In the past we have seen malware being delivered via Google Docs. You would receive an email stating that a document had been shared and when you clicked the link bad things would start to happen.  In recent weeks the same approach has increasingly been used to Phish.  You would receive an email along these lines: 

Hello,
 
We sent you an attachment about your booking using Google Drive
 
I have sent the attachment for you using Google Drive So Click the Google Drive link below
to view the attachment..
<button>Google Drive</button>

Once the link is clicked you are sent through to a web site where you are presented with the following screen:

Clicking on any of these will ask you for a userid and password for that service.  The link in the email should be easily recognised by people as obviously not being a Google link, but many still do not check this.  If you are doing an awareness campaign or reminder, maybe include some info on recognising phishing links. 

Cheers

Mark 

 

 

 

 

Keywords:
4 comment(s)
Diary Archives