March 2014: Google Drive Phishing Scam

Symantec, a security firm, identified a new and hard to detect phishing scam. The email will try and convince users to click on a link in the email, which then take the person to a fake, but very realistic looking Google log in page. What makes this scam even harder to detect is that the URL is a website that is actually hosted by Google and uses Google's SSL certificate so that it looks secure and safe.

A compromised GoogleID means that all the user's Google applications are also compromised. This includes access to a person's email, documents stored in Google Drive, events in Google Calendar, and more. Google accounts tied to Google Play, in particular, are targeted because they are often associated with credit cards and other financial information. Protect yourself from phishing scams by learning more about them and how to identify them.

<-Read more back-issues of the Security Awareness eNewsletter