Treasure Trove or Trap? The Reality of Google Drive Spear Phishing 🏴☠️
Phishing Attempts are nothing new, but this Google “Spear Phishing” attack seems to be coming back around again. Here is what you need to know to stay safe.
The Deets:
Two years ago, the Google Drive phishing scam made headlines, targeting unsuspecting Gmail users with deceptive push notifications and emails.
The attackers, employing a tactic called spear phishing, sent out invitations to collaborate on Google Docs. Innocent users who took the bait found themselves directed to documents harboring a dangerous link to a malicious website. The scam messages, often riddled with broken English and foreign language, lured recipients with promises of prizes or urged them to review financial transactions.
While this particular scam may seem like a relic of the past, its tactics persist in today’s digital landscape. In response to the ongoing threat, Google has implemented warning banners to alert users to potential dangers associated with opening suspicious files on Google Drive. You may see a red banner at the top of the window when you attempt to open the drive.
What to do:
Nevertheless, staying cautious when getting emails, links or documents from those you have never worked with before is important. If you encounter such suspicious activity, it’s crucial to take action promptly.
Report to Google:
- Go to Google Drive (drive.google.com).
- Click on the question mark in a circle at the top right of the page (to the left of the gear icon).
- Go to “Send feedback to Google” and enter your feedback.
(On mobile, open Drive, tap the 3 horizontal lines at the top right of the page, and select
Help & feedback.)
For those who may have fallen victim to the scam and clicked on the links, immediate password resets are imperative to safeguard personal information and mitigate potential damage.
When in doubt, do not click, screenshot and ask a Nerd! You can also read more here on Google’s Support Page
Stay Cyber Safe Out There!