Regular users of Google Docs should watch out because there?s a new phishing scam on the loose and it cloaks itself as Google login page. Just like other scamming and phishing pages, this one is sent to your email, but this is a very tricky Google Docs Phishing Scam.
It uses a Google.com url and it also uses google?s SSL encryption making it very convincing to the unaware. You will find out that you are to become a victim of this phishing scam of your receive an email from an unknown contact with the subject as ?Documents? and it points to a Google Docs link. The words ?google.com? is included in the url so it is very convincing, but the mere fact that you are being sent by an email like this from an unknown person should be suspicious enough.
If you happen to actually click the link, you will be brought to the ?fake? login page, where you have to enter your Google login credentials. From that point, if you actually enter your email and password, that?s going to be it. Your information will be sent to a compromised server and the hackers will obtain your login. They can use this to access your Google services or even purchase apps in the PlayStore.
According to Nick Johnson?s blog on Symantec website, ?The fake page is actually hosted on Google’s servers and is served over SSL, making the page even more convincing. The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive’s preview feature to get a publicly-accessible URL to include in their messages.?
It is very common that you always see the login page whenever you access your Google Docs page, but this is only going to happen if you?re LOGGED out from your account. Obviously enough, if you are already logged in and being asked to enter your login credentials again, you?re in for a rough ride and it is best to stay away from these things.
Google has already taken care of the pages, but there?s a chance that these can come back in a different form. As a rule of thumb, just be wary in general. If you have accidentally given your password this kind of phishing scam, resetting your password as soon as possible is a must.