ALERT: Google Drive Phishing Scam

A new phishing scam is circulating one of the more populated regionsgoogle-login
of the web: Google Drive File Sharing.

Google Drive Scam Play-by-Play

Users who enter their information and “Sign in” are redirected to an actual Google Doc containing irrelevant information.  At the same time, and in the background, the user’s Google log-in credentials are sent to the scammer’s web server.

How to Avoid the Drive Scam


Never fall for a phishing scam again. Read Emsisoft’s Guide on Phishing Scams and how to prevent them

Google Drive Scam Consequences

As Google’s actual log-in page makes clear, your log-in credentials provide access to “One Account.  All of Google.”  That means that users fooled by this recent scam provide attackers with access to everything they do on Google.  Gmail, Google+, Google Calendar, Google Play – all of Google indeed.  This consequence highlights the problem with using just one service provider, and thus one username and password, for all of one’s online activities.  Doing so may make things easier for you, but it also makes things easier for the bad guys.

Drive Scam Protection

Emsisoft Anti-Malware’s Surf Protection technology automatically protects users from malicious servers like the one used in this Google Drive scam.  Surf Protection utilizes a built-in list of dangerous websites that is updated in realtime, and it is completely immune to social engineering tactics like fake log-in pages.

If you have recently logged on to Google through a suspicious email request, Emsisoft recommends that you change your Google password immediately.  Even if you haven’t logged on through such an email, it is important to change any account’s password with some regularity.  Passwords are your first line of defense to Internet security, and when they are weak or reused the truth is that they’re not much good at all.

It is also important to remember that any email containing attachments, links, or requests to share files should be carefully examined before you click.  Emails are common vectors for malware, and messages from anyone but trusted co-workers, family members, or friends should automatically raise suspicion.

Emsisoft Enterprise Security + EDR

Robust and proven endpoint security solution for organizations of all sizes. Start free trial

Have a Great (Malware-Free) Day!

Senan Conrad

Senan Conrad

Senan specializes in giving readers insight into the constantly and rapidly changing world of cybersecurity. When he’s not tapping away at his keyboard, he enjoys drinking a good coffee or tinkering in his workshop.

What to read next