Message Text:
From: Some Name (via Google Drive) <SomeName@gmail.com>
Date: Mon, Dec 10, 2018 at 12:08 PM
Subject: Doc701234.docx
To:
Cc:
SomeName@gmail.com has shared the following document:
Doc701234.docx
<https://drive.google.com/file/d/xxxxx>
[image: Unknown profile photo]John Coleman as shared a file with you
Open
<https://drive.google.com/file/d/XXXXX>
SomeName@gmail.com is outside your organization.
Google Drive: Have all your files within reach from any device.
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA [image:
Logo for Google Drive] <https://drive.google.com>
Linked Doc/ Login Page:
Image of Google Doc and linked Fake Login Form |
Things to Note:
- Email really comes from a Gmail account (anonymized here as "SomeName")
- Link in email takes user to a real Google Doc
- Google Doc goes to a Forged Office 365 web login
Recommended Action:
- Forward to phishing@umn.edu
- Mark as spam, delete
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.