Kingston Police have released details on a scam that uses Google Drive’s share feature to distribute malicious content by email.
To help protect against malicious links, most email clients have filters that flag suspicious-looking emails. To bypass these filters, cybercriminals often create malicious content using well-known platforms such as Google Drive, and then use the platform’s share feature to distribute their content, Kingston Police said in a media release. Since these platforms are so widely used, built-in email filters typically do not recognize that this content is malicious.
In a recent phishing attack that Kingston Police is aware of and has observed firsthand, scammers are using a phony notification from DocuSign (a popular electronic agreement service) that actually includes a link to a malicious Google Doc. The fake notification states that you have an invoice to review and sign. If the recipient clicks on the included View Document button, they are taken to what appears to be a DocuSign login page that asks for the password. In reality, the button leads to a Google Doc disguised as a DocuSign page, and any information entered on the document is sent directly to the scammers, according to the release.
Kingston Police said, “Don’t fall for this trick!” Remember:
- Never click on a link or download an attachment in an email that you were not expecting.
- If you think the email could be legitimate, be sure to hover over the link (or button) to preview the destination. Look for discrepancies, such as a DocuSign email using a Google Drive link.
- When an email claims to include an invoice, try to find evidence of the transaction elsewhere, like on your bank or credit card statements.
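
The hover check from the list above, automated for a mail gateway or triage script. This is an added example, not code from Kingston Police or the original article; the brand-to-domain table, the sharing-host list and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumptions: the brand's own link domains, and the sharing hosts from the article's example.
BRAND_DOMAINS = {"docusign": ("docusign.com", "docusign.net")}
SHARING_HOSTS = ("docs.google.com", "drive.google.com")

# Constructed sample message, not a real email.
SAMPLE = """From: DocuSign <notify@mailer.example>
Subject: Invoice ready to review and sign
Content-Type: text/html; charset=utf-8

<p>You have an invoice to review and sign.</p>
<a href="https://docs.google.com/document/d/EXAMPLE/edit">View Document</a>
<a href="https://www.docusign.com/support">Help</a>
"""

class HrefCollector(HTMLParser):
    """Collect the href of every <a> element (what hovering would reveal)."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.append(dict(attrs).get("href") or "")

def host_matches(host, domains):
    # Exact domain or a true subdomain; "docusign.com.evil.example" must not match.
    return any(host == d or host.endswith("." + d) for d in domains)

def find_mismatched_links(raw_message):
    """Return (brand, host, kind) for links that leave the claimed brand's domains."""
    msg = message_from_string(raw_message)
    claimed = (msg.get("From", "") + " " + msg.get("Subject", "")).lower()
    brands = [b for b in BRAND_DOMAINS if b in claimed]
    collector = HrefCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True)
            collector.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    findings = []
    for href in collector.hrefs:
        host = (urlsplit(href).hostname or "").lower()
        for brand in brands:
            if host and not host_matches(host, BRAND_DOMAINS[brand]):
                kind = "sharing-host" if host_matches(host, SHARING_HOSTS) else "off-brand"
                findings.append((brand, host, kind))
    return findings
```

Calling `find_mismatched_links(SAMPLE)` flags only the View Document link. A finding is a reason to look closer rather than proof of phishing, since legitimate notifications can also link off-brand.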