vermontwhe.blogg.se

But scammers know that we don’t always pay attention to the content of the bar at the top of the internet browsers.īe vigilant Gmail users! And pay attention especially if one of your contacts invite you to view a document on Google drive. This is different from the normal address.

A more discrete visible element of this fraud attempt is the URL used. This phishing attempt targeting Gmail accounts is subtle and many skilled users get caught.

The scammers can then reproduce the process of such phishing attempt. They also take advantage of this access by stealing the address book of the victim. The scammers have now recovered the login / password and then rapidly access the victim’s mailbox. It was not an untimely disconnection but a misleading page displayed by the crooks after having clicked on the request to access Google Drive. Unfortunately, this is where the fraud takes place. Surprised, the person thinks he / she has been disconnected and then enter again his email address and password. But after having clicked on the link, the Gmail login page appears of instead of the expected document. This service is pretty well known to familiar Gmail users. Unlike regular spam, which Gmail does a pretty good job of filtering out, this message not only makes it into your inbox, it gets an added layer of legitimacy by coming from Google itself.This mail invites the recipient to open a document stored on “Google drive”, the cloud storage service of the Internet giant. An email notification created by the scam, which also comes from Google, also contains a potentially malicious link. If tapped, the notification takes you directly to a document that contains a very large, tempting link. On mobile, the scam uses the collaboration feature in Google Drive to generate a push notification inviting people to collaborate on a document. The smartest part of the scam is that the emails and notifications it generates come directly from Google. The scam itself is nothing new – messages asking you to click on dodgy links are as old as the internet itself – but could catch a lot of people off guard. A flaw in the Drive is being exploited to send out seemingly legitimate emails and push notifications from Google that, if opened, could land people on malicious websites. Scammers just found a new phishing lure to play with: Google Drive.