Google Drive Users Targeted in New Phishing Scam

There are hundreds of millions of Google accounts, so when a scam targets those accounts, you’re talking about a lot of people who are at risk.

That’s the situation with a phishing scam that popped up this week. It involves an email with the subject line “Documents” that tells the recipient to review an important file through a link to Google Docs. According Symantec, a computer security company that outlines the scam on its blog, the link leads to a fake Google Drive login.

Phishing is a technique scammers use to steal information by tricking people into thinking they’re a trusted company or contact — in this case, the scammers are trying to get you believe that their phishing scheme is the login page for Google Drive.

It’s pretty convincing fake. I know that I hardly hesitate when prompted to enter my Google credentials, because it’s something I encounter regularly. That’s what the scammers are banking on: Once you click the “sign in” button, your credentials are sent to a compromised server, according to the Symantec blog post.

Identity Theft Concerns

For many people, a Google account is the master key to all sorts of important and sensitive information. Think about it: When you forget the password to your bank account, where is the reset email sent? Your email address, which is perhaps a Google account. It’s different for everyone, but basically, sharing your Google account information with a hacker could be disastrous.

Get everything you need to master your credit today.

Get started for free

In a situation like this, it’s important to remember you shouldn’t click on links sent from suspicious accounts or in messages with content that doesn’t seem relevant to you. You don’t want to reach a well-crafted fake login page that tricks you into forking over your information, so click through your email with caution.

If you suspect you may have had an account — whether it’s email, social media or something else — compromised, first change your email password, then change the passwords to your other accounts. Recycling passwords or using the same password across all accounts isn’t going to give you much security, so go for unique passwords that make the hackers’ job harder.

Regardless of whether you think you’re caught in a scam, you should always monitor your credit report, credit scores and bank accounts for signs of identity theft. You can use the free Credit.com Credit Report Card to see your credit scores every month. You’re entitled to a free annual credit report from each of the major credit reporting agencies, and you want to make sure you recognize all the accounts listed there.

It’s not always possible to prevent identity theft, which is why awareness is so important, before and after something happens.