In a new SecureList blog post, Kaspersky Lab researcher Vicente Diaz has described a new frontier in a relatively old online scam. Phishers, tired of building fake websites to lure victims into unintentionally giving away email addresses, passwords or even financial information are beginning to use Google Docs to siphon data from the unwary.
This approach makes it easy for spammers to bypass filters, as emails with links to a shared Google document don’t get flagged, giving the recipient the illusion that the message is legit.
Mr. Diaz writes that tricking someone into entering personal data into a sketchy Google Doc is only “the tip of the iceberg”:
Google Docs allows hosting other contents such as executable files in different formats, resulting in a very convenient and free hosting service for malicious content. As a bonus the connection is HTTPS by default, making it even more convenient for cybercriminals the use of this service.
HTTPS is the communications protocol that supposedly means a web page is secure and any data entered in a form on that page won’t be intercepted by a cyber-thief.
The Google Docs dodge is fairly new but may not be all that rare, as spammers are catching on to the fact that it’s so easy to make a target believe they’re looking at a legitimate document.
Until anti-spam programs begin to learn and account for this ploy the best defense is skepticism. If you have no idea why anyone would share a Google document with you, don’t even click the link.