Mike Phillips

Google Phishing – No, This Isn’t A Post About Jam Bands

/in /by

 

The other day I received a seemingly innocuous email from one of our clients that turned out to be a bizarre Google Phishing scam via Google Drive. It was from someone I’d been expecting a Word document from. Check out the email below:

phishing scam
Normally I wouldn’t think twice about a professional email from a trusted client using a  reliable company like Google to share a file. However, check out how sophisticated these phishing phreaks are getting. In the above image that hyperlink to Google Drive appears very authentic, does it not?

Anyway, my curiosity got the best of me and after clicking on that link I was taken to the phollowing phishy page, which looked a little phunny.

phishing image 1

In addition to lacking the design acumen that I expect from my friends at Google (this page had weird fonts, broken sentences with varying rules for punctuation, a bizarre box), the webpage also had a very unusual URL. No longer was I on a trusted Google website (despite the graphic imagery) – but it was some bizarre URL for some business I had never heard of. That is what set off all of my alarm bells, and that is what kept me from giving away my personal information to this scam artist.

Friends, you must remain vigilant these days. No matter how much you trust the sender of an email, always look for the tell-tale signs of an internet scam. Below I have shared some simple questions to ask yourself to help keep you safe from, in the immortal words of George W. Bush, “evildoers.” Feel free to share some of your own!

1. Who sent the email? If the email appears to be from a business that you have no relationship with and is asking for your personal information, it’s probably a scam. (i.e., Login to Paypal, when you don’t have a Paypal account)

2. Does the visual appearance seem a bit off? If the design elements of the message appear to be more juvenile than you’d expect from trusted sources, something phishy might be going on.

3. Is a wealthy individual, or the heir to a large fortune, asking you for help? If the user professes to be a Vanderbilt, or of royal heritage (think: Nigerian Prince) – it’s certainly a scam. People with real money won’t send out e-blasts to us commoners when seeking help with a loan. They will, however, panhandle via Kickstarter and Indiegogo, but that is a different story for another day…

4. Does the email appear to be written by a five-year old? You don’t have to have a master’s degree in English Literature to catch most of their mistakes. Check out punctuation, simple spelling errors, inaccurate sentence case, uneven capitalization and even broken sentences that just read weird.

Finally, as a last resort, if you really want to keep yourself safe – just send me your email addresses and passwords and I will encrypt them safely within the proverbial Fort Knox of the electronic Cloud, free of charge. Trust me, I’m writing something on a website!

UPDATE.

Just as I went to post this blog, I learned of yet another, even trickier Google Drive Scam. Read this from Gizmodo.