Scammers seem to be the most robust group of people out of all of us! They never let up on finding new ways to get everyone else to click a link they didn’t want to go to.

Scammers have found a new way to lure people into Google Drive documents in an attempt to get them to visit potentially malicious websites. A flaw in Drive is being exploited to send out seemingly legitimate emails and push notifications from Google that, if opened, could land people on malicious websites. It’s nothing new – messages asking you to click on odd-looking links are as old as the internet itself – but it could catch a lot of people off guard.

The smartest part of the scam is that the emails and notifications it generates come directly from Google. On mobile, the scam uses the collaboration feature in Google Drive to generate a push notification inviting people to collaborate on a document. If tapped, the notification takes you directly to a document that contains a very large, tempting link. An email notification created by the scam, which also comes from Google, also contains a potentially malicious link. Unlike regular spam, which Gmail does a pretty good job of filtering out, this message not only makes it into your inbox, it gets an added layer of legitimacy by coming from Google itself.

The success of email spam filters left scammers looking for new ways to get people to click on malicious links. And Google Drive is pretty accommodating. By default, GDrive wants you to know when someone has mentioned you on a document. In a work setting, this could be a colleague asking you to check over a slide in a presentation or a brief for a new project. For scammers, it’s a clever way of putting a malicious link right in front of a potential victim.

People targeted by the scam receive Google Drive notifications and emails in Russian or broken English asking them to collaborate on documents with nonsense names. These documents always contain a link to a scam website. One of the websites used for the scam, which was only registered on October 26, bombards people with notifications and requests to click on links to deals and prize draws. Other versions of the scam try to lure people to click on links to check their bank account or to receive a payment.

Emails are closely monitored and scanned by systems, meaning a huge number of spam emails are detected before delivery, but Google Drive offers no such protection. On mobile, the phishing method could be particularly effective. “Mobile targeted phishing is on the rise as there are less security controls,” he adds.

A Google spokesperson says the company has measures in place to detect new spam attacks and stop them, but that no security measures are 100 percent effective. The spokesperson adds that Google is working on new measures to make it harder for Google Drive spam to evade its systems. Anyone targeted by the scam can report it to Google via the company’s support page.

It’s difficult for Google to do anything if the notification is coming from a legitimate account, which is easy to create. The best thing to do is to read notifications carefully and avoid clicking on unsolicited links of any kind when sent from unknown sources. If you weren’t expecting to receive it and don’t know the sender, don’t respond.
