Fake ‘Urgent Order’ Phishing Emails Use Google Docs to Collect Passwords

Hackers have gone deep sea phishing in the ocean full of potential Google Account holder users in a recent phishing scam from a bogus Google Docs 'important Google document' login screen.

It seems to a perpetual influx of new phishing scams just about every day has hackers utilize fresh bait to victimize computer users through the use of legitimate entities. This time the fresh bait comes by way of a fake Google Docs account login from a message claiming that a document needs review. The notification as show in Figure 1 below, reading: "Please view the document i uploaded for you using Google docs. Click here just sign in with your email to view the document its very important. Thank you" is one to be on the lookout for as it is known to compromise a Google Account user's login credentials.

Figure 1. Fake Google Docs login screen asking for login information - source: net-security.org

Not only have hackers who initiated this latest phishing attack used a plagiarized Google account login screen to phish login information, but they have taken to utilize other popular sources to foil computer users. In particular, an entity used to trick computer user's out of their login information is one using an AOL login screen as demonstrated in Figure 2 below. This one asks for the login details of one's AOL account, which would lead to giving a hacker unadulterated access to a victimized computer user's AOL account.

Figure 2. Fake AOL Sign In pop-up phishing attack – source: news.softpedia.com

When potential victims click on the links or sign in on these phishing attacks, they are taken to a legitimate Google Docs document as shown in Figure 3 below. This technique is rendered mainly to avoid spam filters. The phishing page they are redirected to is not hosted on Google Docs, it is a document containing a link to a malicious site. Once the site is loaded, the user is given the choice of logging into their choice email provider, AOL, Google, Yahoo, Windows Live etc. Unfortunately, after they click on 'Sign In' or 'Submit', the damage is already done, and their account login information is transmitted to a hacker on the receiving end of this phishing attack.

Figure 3. Fake Google Docs document with a malicious link – source: news.softpedia.com

In the event that you come across a screen as shown in Figure 1 or Figure 2 above, you should then use extreme caution by not entering your login details. If you suspect any of your accounts being compromised, you should immediately change your password.