1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Google Drive phishing is back -- with obfuscation

Discussion in 'CSO' started by RSS, Jul 28, 2015.

  1. RSS

    RSS New Member Member

    If you have a Google account and a stranger sends you a link to a document on Google Drive, think twice before clicking -- it could be a phishing scam designed to harvest your Google credentials.

    According to Aditya Sood, architect at Elastica Cloud Threat Labs, the new campaign is reminiscent to one that popped up a year ago, except that this time there are a couple of layers of obfuscation designed to disguise the attack.

    Google does have a built-in safety mechanism for its online document storage service, and scans files for malicious code.

    But in this particular case, there's no malware to infect a user's machine.

    Instead, Google Drive is used to host a simple web page. Documents, spreadsheets, presentations, and photos aren't the only file types that Google Drive supports -- it can even be used to host entire websites.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page