Fwd: Shared Doc

Peter Brigham pmbrig at gmail.com
Wed Nov 5 11:20:15 EST 2014


Ah, found out something about this:

>From McAfee:

-----

The Google Docs phishing scam is a textbook example: it aims to trick you
into handing over sensitive login details, and it does exceptionally well
<http://gizmodo.com/beware-of-this-dangerously-convincing-google-docs-phish-1546278702>.
The scam starts with an email referring to an “important document” stored
on Google Docs. Clicking on the link in this message will take you to what
appears to be a Google Docs login page—but it’s not. This fake login page
allows scammers to collect your username and password for their own
malicious use.

Unfortunately for Gmail users, the page in this case is remarkably
convincing—emulating Google’s typical login page. And here’s the clincher:
because this scam is hosted on Google’s servers (the scam is, after all, a
public folder on Google Drive) it effectively sidesteps one of the more
reliable ways to detect a phishing scam. Generally speaking, phishing URLs
are one or two characters different from the official website that they’re
masquerading as. To top things off, because the scammers were hosting this
attack on Google’s servers, the URL appears to be secure.

This attack on Google Doc users is especially troubling as Google uses a
single login across all of their services. If the scammers successfully
obtained login credentials for your Google Docs, they’d also be able to
access your email, Chrome browsing history (including searches), YouTube
account, and perhaps even be able to make purchases through the Google Play
store if you’ve previously registered your payment information.

Despite the sophistication of this scam, there’s light at the end of the
tunnel. After its discovery earlier this week, Google has successfully
removed the phishing pages. They’ve also stated that their “abuse team is
working to prevent this kind of spoofing from happening again.”
-----

I have changed my google password.

-- Peter

Peter M. Brigham
pmbrig at gmail.com
http://home.comcast.net/~pmbrig


---------- Forwarded message ----------
From: Peter Brigham <pmbrig at gmail.com>
Date: Wed, Nov 5, 2014 at 9:34 AM
Subject: Re: Shared Doc
To: How to use LiveCode <use-livecode at lists.runrev.com>


It surely is malware -- a number of people in my address book have gotten
this message. I am very sorry for the annoyance. This is the very first
time in 20 years on the Mac I've had a problem with my machine getting
hijacked. It looks as if this originates from google Docs, which I have
never used, but someone recently sent me a link to a google Doc file, which
I opened. I wonder if this somehow triggered something? Anyone using google
Docs who knows something about this, I'd appreciate some insight.

-- Peter

Peter M. Brigham
pmbrig at gmail.com
http://home.comcast.net/~pmbrig


On Mon, Nov 3, 2014 at 6:00 PM, PystCat <pystcat at gmail.com> wrote:

> I know… I’ve been getting a LOT of these the past month.  They are getting
> VERY annoying.
>
>
> > On Nov 3, 2014, at 5:59 PM, J. Landman Gay <jacque at hyperactivesw.com>
> wrote:
> >
> > On 11/3/2014, 4:54 PM, Pyst Cat wrote:
> >> What is this..?  Is this some kind of phishing expedition..?
> >
> > Probably malware on his computer. Ignore it.
>



More information about the use-livecode mailing list