Santa Clara University

Information Security Office

Phishing Examples

RSS Subscribe to Phishing Examples

A Phishing Guide: Don't Get Fooled by Emails

Back to Blog

Google Doc Phishing email

Tuesday, May. 6, 2014

 A Google Doc email phishing scam is making the rounds. It tries to trick Gmail and Google Drive users into giving up the username and password for their Gmail account.

The scam starts with an email that urges the recipient to view an "important document" on Google Docs by clicking on a link. But when the recipient clicks on the link, it does not go to Google Docs. Instead, the user gets directed to a fake Google Drive login page (a small difference that most users won't notice) that looks like the Gmail login page. Here, he or she is asked to enter the username and password for their Gmail account.

The fake Google Drive login site looks eerily similar to the real one with Google's signature "One account. All of Google" slogan and the same little icons below for Gmail, Google Drive, Google Maps, Google+ etc.

Symantec reports the only difference seems to be that it doesn't recognize the user (with a photo, if you normally have that on on your Gmail account, although that may not show up on the real site, either, depending whether you have cookies enabled.) 

If the user logs in on the fake Google Drive site, their username and password are sent to a compromised web server. The page will redirect to an actual Google Docs document. The user may not notice anything suspicious, but logging in could have big consequences for their bank account.

In the example posted (click on the thumbnail to view the example), the sender is urging the recepient to click on the Google Doc.

Phishing Tip: To avoid becoming a victim of a phishing attack (it's when scammers try to obtain people's personal and financial information), never click on a link or attachment in an email from a sender you don't recognize. 

Tags: google doc phish, phishing, phishing emails

Information Security Office, 1-408-554-5554,