Phishing Scams Rely on Google Docs
SophosLabs has recently detected twin spam campaigns during the 3rd-weekend of January 2012 that exploits Google Docs as support for their phishing activities.
One of these campaigns aims at ANZ Bank customers the bank which's a major financial institution within Australia, where as in the other, visitors are targeted when they access the website belonging to a school in North America.
The phishing e-mail in the first scam tells the recipient that there's a strict rule for ANZ Bank in making sure that all its clients' Internet banking information remains safe as well as is regularly updated. The purpose is essentially for protecting the clients as a few can't anymore access ANZ Bank's Internet banking service because of false transactions the bank's managing personnel suspected, the e-mail explains.
Meanwhile, there's one web-link within the e-mail that leads onto an online form in Google Docs seeking sensitive personal info from the victim such as password, name, client registration number, and electronic mail id.
According to SophosLabs, incase this web-link is copied and pasted into a web-browser, it'd instantly open one Google's cloud page, reading somewhat as https://docs.google.com/spreadsheet/reportabuse?formkey=xxxxx...
Moreover, if end-users report to Google about the deceptive web-link, all that they'd be advised for doing is for classifying it. No e-mail id, username, password, alternatively other personal details will be asked from them.
According to security specialists, poor spelling and grammar, notifications, which ask for private data, and dubious sender addresses normally are clues to a malicious motive.
Various reasons are cited for the phishers' preference for Google Docs. First, the domain-name 'Google' lends a sense of legitimacy to the scam, while the HTTPS within the web-address lends a sense of security. Second, the online spoofing related form can enjoy free hosting while the stolen or phished-off data can be garnered automatically as also accessed from anyplace. Thirdly, the 'form' has a simple format and Google Docs presents a way for automatically generating enticing electronic mails for victims.
Hence, the specialists urge for avoiding web-links within the phishing e-mails, and discarding the use of phone-numbers, URLs, alternatively any 'calls-to-action' within the same that apparently offer security.
Related article: Phishing With A Redirector Code
» SPAMfighter News - 23-01-2012