Go to the U of M home page

Thursday, December 31, 2015

Phishing Example 119: DOCS

Received December 2015

From: **Compromised UMN account**
Date: Thu, Dec 31, 2015 at 4:05 AM
Subject: DOCS

3  files named "Confidential Letter" has been shared with you and will be
available in Google Drive, you can access them anytime below
Drive_Statement <hxxp://xxxxxxx.in/u.php>
Google Drive: create, share, and keep all your stuff in one place.

1) Leads to a typical fake Google Drive login: (Not .IN (India) URL)

2) Again this is NOT how Google does logins - they do not use other email services to authenticate:

3) New wrinkle, fake animation for "opening" the drive

(Leads to a PDF with a financial document report - probably nothing you'd be interested in.)

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.