In recent months, we have noticed a phishing campaign designed to steal email credentials.
In this campaign, the crook creates a fake email account or uses an email account that has been breached, and sends an email where the recipient is asked to click on a link that redirects to a phishing site.
The email asks you to click on the link to view a document via Google Docs. However, following the link transfers the victim to a phishing site that requests that you login with your email address and password. Thus the login details are stolen and transferred to the attacker.
On entering this page, a message states: “To View shared document you are required to login with your email address below.” Pressing on one of the email service providers activates a pop-up window asking you to enter your email address and password:
In this manner, the victim provides the attacker with full access to his email account, allowing him to view correspondence, extract sensitive information and continue disseminating such phishing emails to potential victims. The best way to mitigate this type of threat is simply to hover with the mouse over the “Click here” link. If the link is not Google Docs, do not click on it.