Google phishing scam hosted on site's own servers
HUNTSVILLE, AL (WAFF) - Scammers are getting more and more sophisticated. Some became so crafty, they managed to create a fake login screen to Google – hosted right on the company's own servers.
"It comes in the form of an email where they tell you that a Google Doc (e-document) has been sent to you," said the Better Business Bureau's Michele Mason.
The email asks you to click on a link, and if you do so, you are prompted to log in and enter your password…
But wait – you're already logged in?
"Typically if you are already in your Google email, you have already logged on, so you shouldn't have to log in," Mason said.
So that's one red flag. And these scammers' attempt to get your info is good.
"You will share the information, it will go to the scammer, but they have designed it to take you to a real Google page – so you are unaware that this is happening behind the scenes," said Mason.
Here's what you need to watch out for, according to Mason:
"Watch out for an email from someone, especially if it is generic, where it doesn't tell you the sender, or you don't recognize the sender, or if you recognize the name but weren't expecting a document from them," she said.
It's always better to take the time to check with them and make sure they sent it, than to take the risk that you could be pulled into a scam. In addition, you can watch out for phishing alerts, know when you are logged-in as opposed to when you aren't, and if you think your account has been compromised, sign up for additional security measures for your Google account, such as code verification.
Copyright 2014 WAFF. All rights reserved.