Google Drive Phishing Campaign

Share on facebook
Share on linkedin
Share on twitter

Preferred Business Systems has been made aware of a phishing campaign targeting New Jersey email users and crafted to obtain various email account login credentials. This campaign attempts to convince recipients that they received a document stored on Google’s cloud storage service, Google Drive, and invites them to click an embedded link. If clicked, the link redirects the user to a file stored on Google Drive (Figure 1).

This file includes the text, “You’ve received a secured doc via Microsoft office, click on the view pdf online below to access the document, “ and features the Microsoft Office logo, a PDF icon, and a link embedded in the text “REVIEW DOCUMENT.” The embedded link leads to a phishing page designed to collect various account credentials including Google, Outlook, and Yahoo! (Figure 2). If any options are selected, a pop-up window appears, requesting the victim’s email address, phone number, and password to sign into their account (Figure 3). Any information entered into the fields will be transmitted to the hackers behind the campaign.

Preferred Business Systems recommends never using links provided in unsolicited emails to visit websites requiring the input of account credentials. Users who receive unexpected or unsolicited email requests from known senders inviting them to click on a link or open an attachment should always verify the sender via another means of communication before taking any action. We also recommend closely examining the URL field of your web browser before attempting to sign into any account to ensure you are visiting a legitimate website.

Join our Newsletter!

Get blog posts and more sent directly to your inbox!