Bitcoin Forum
January 27, 2020, 12:44:06 PM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: [Phishing] Be careful if you received file-sharing using Google Docs  (Read 111 times)
masulum
Hero Member
*****
Offline Offline

Activity: 658
Merit: 759


https://sale.kleros.io - Dispute Resolution Layer


View Profile WWW
August 21, 2019, 07:58:44 AM
Last edit: August 21, 2019, 10:34:10 AM by masulum
Merited by bones261 (2), o_e_l_e_o (1), DdmrDdmr (1)
 #1

Be careful when opening emails sent from Google Docs. recently, it was reported that phishing was found from file-sharing that was shared via email. By this Google Drive service, phishing owners share documents with targets on behalf of someone who has an important role in the company and included phising link on his documents.


here is the screen shot of timeline:








indeed, there are currently no reports at the expense of exchange users or those related to crypto. But here I want to warn you all to be careful if you receive a similar e-mail in the future. as we know Google Docs is very commonly used for bounties and airdrops registrations.

Source: https://cofense.com/phishing-campaigns-imitating-ceos-bypass-microsoft-gateway-target-energy-sector/

smartmixer.io▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
.Make your Cryptos untraceable!.
(( ███████ ((    TELEGRAM    )) ███████ ))
▄▄███████▄▄
▄███████▀███████▄
▄███▀▀▀ ▄▄▄ ▀▀▀███▄
▄███ ▄▀▀▀   ▀▀▀▄ ███▄
████ █  ▄   ▄█ █ ████
████▌▐▌ ▀█▄█▀ ▐▌▐████
▀████ ▀▄  ▀  ▄▀ ████▀
▀████▄ ▀▄▄▄▀ ▄████▀
▀█████▄▄ ▄▄█████▀
▀▀███████▀▀
.
NO LOGS
▄▄███████▄▄
▄██████▀▀▀██████▄
▄█████▀ ▄▄▄ ▀█████▄
▄██████ ▀   █ ██████▄
███████   █▀  ███████
████████▄ ▄ ▄████████
▀████▀         ▀████▀
▀███   ▄   ▄   ███▀
▀███████████████▀
▀▀███████▀▀
.
NO SIGN-UP
▄▄███████▄▄
▄███████████████▄
▄███████▀   ▀█████▄
▄████▀  ▀      █████▄
████     ▄▀▄  ▀ ▀████
███    ▄▀▄ ▄▀▄    ███
▀███▄▄  ▀█ █▀   ▄███▀
▀████████ ████████▀
▀███████████████▀
▀▀███████▀▀
.

70% COMSN
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
MIX NOW!
.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
1580129046
Hero Member
*
Offline Offline

Posts: 1580129046

View Profile Personal Message (Offline)

Ignore
1580129046
Reply with quote  #2

1580129046
Report to moderator
There are several different types of Bitcoin clients. Server-assisted clients like blockchain.info rely on centralized servers to do their network verification for them. Although the server can't steal the client's bitcoins directly, it can easily execute double-spending-style attacks against the client.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
DdmrDdmr
Hero Member
*****
Offline Offline

Activity: 742
Merit: 3239


There are lies, damned lies and statistics. MTwain


View Profile WWW
August 21, 2019, 10:18:40 AM
 #2

<…>
If I’ve interpreted the case properly (after reading the OP and the source), the phishing link was within the document on Google Drive. The precaution to always be wary of any link should persist, and here the Google Drive doc has a malicious one enclosed.
 
The initial stepping-stone in this case what that the corporate email was sent from within Google Drive, when the corporate email naming convention did not use that method. Likely though, not everyone in a corporation will be looking out for this, and thus they may easily proceed to the content rather than examine the continent.

masulum
Hero Member
*****
Offline Offline

Activity: 658
Merit: 759


https://sale.kleros.io - Dispute Resolution Layer


View Profile WWW
August 21, 2019, 10:38:26 AM
 #3

If I’ve interpreted the case properly (after reading the OP and the source), the phishing link was within the document on Google Drive.
<snip>

Correct, they used document to share malicious link as you say.

smartmixer.io▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
.Make your Cryptos untraceable!.
(( ███████ ((    TELEGRAM    )) ███████ ))
▄▄███████▄▄
▄███████▀███████▄
▄███▀▀▀ ▄▄▄ ▀▀▀███▄
▄███ ▄▀▀▀   ▀▀▀▄ ███▄
████ █  ▄   ▄█ █ ████
████▌▐▌ ▀█▄█▀ ▐▌▐████
▀████ ▀▄  ▀  ▄▀ ████▀
▀████▄ ▀▄▄▄▀ ▄████▀
▀█████▄▄ ▄▄█████▀
▀▀███████▀▀
.
NO LOGS
▄▄███████▄▄
▄██████▀▀▀██████▄
▄█████▀ ▄▄▄ ▀█████▄
▄██████ ▀   █ ██████▄
███████   █▀  ███████
████████▄ ▄ ▄████████
▀████▀         ▀████▀
▀███   ▄   ▄   ███▀
▀███████████████▀
▀▀███████▀▀
.
NO SIGN-UP
▄▄███████▄▄
▄███████████████▄
▄███████▀   ▀█████▄
▄████▀  ▀      █████▄
████     ▄▀▄  ▀ ▀████
███    ▄▀▄ ▄▀▄    ███
▀███▄▄  ▀█ █▀   ▄███▀
▀████████ ████████▀
▀███████████████▀
▀▀███████▀▀
.

70% COMSN
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
MIX NOW!
.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
Velkro
Legendary
*
Offline Offline

Activity: 2044
Merit: 1011


<3 Vanity Addresses :)


View Profile
August 21, 2019, 10:47:43 AM
 #4


Correct, they used document to share malicious link as you say.
Its to confuse less tech savy people because they didnt enter any phishing link, they entered trusted google service.
Common trick to use trusted website to then redirect to malicious link.
People will always come with new trick to confuse others. Its like hackers and system admins, ethernal everlasting battle between them with wins on both sides.

hd49728
Sr. Member
****
Offline Offline

Activity: 518
Merit: 423



View Profile
August 21, 2019, 01:35:52 PM
 #5

It is always right to be careful of emails from strangers.
1. Don't click on emails from strangers to open
2. Don't download any attachments, files, docs, ie. from strangers
3. If already download documents from them, don't click on links.
However, it is always best to stop instantly at the step #1.

The thread reminds me that sometime ago, I saw one guy posted a thread on list of bounty and have link to a site that activate warning from my Kaspersky Internet security software. From that day, I know (from my own experience) that it is always risksy to click on strange links, even my computers have protections.


[ Mix coins ]
 
Your BITCOIN Transaction
made Truly ANONYMOUS
 

███████
█████████████████
████████████████████████
█████████████████████████████
██████████                    ██████████
█████████                          █████████
███████                                    ████████
          ███████                                        ███████        ██
          █████████████████████████████████████      ███
          █████████████████████████████████████  █████
          ████████████████████████████████████  ██████
        ██████████████████████████████████████████
  █████████████████████████████████████████
█████                                        ████████████
                                  ██████████████
██                          █████████████████████          ██       
█████              ███████████████████████          ████       
█████████████████████████████            █████████       
██████████████████                      ████████████         
██████████████████████████████████████       
████████████████████████  ███████   
    ██████████              █████
                      ████████
      ████████████████    █
        ██████████████████
                  █████      ███
                      █████
                    ████

Blender
 
The ULTIMATE BITCOIN Mixer
with an ADVANCED TECHNOLOGY
 

███████████     
███████████████████████     
████████████████████████████       
██████████████████████████████       
██████████████████████████████     
 

                                          █████████████
                                          ███████████
██████
                                          ███████████
██████
                                          ███████████
        ██
                                        ████████████
        ██
    ██                              █████████████
        ██
    ████                      ███████████████
        ██
    ██████              █████████████████
        ██
    █████████████████████████████
          ██   
      ███████████████████████████
          ███
      ██████  ████████████████████
        ████
      ██████████████████████████
  ██████
      ██████████████████████████
███████
  █████      ████████████████████
███
████          ████████████████
████ 
████          ████████████████         
████████████████████████


   
█████████████████████████         
███████████████████████████         
█████████    ██    ███    ██████████       
███████████    ██    ███     ██████████         
███████████    ██    ███     ███████████       
██████████████████████████████████       
██████████████████████████████████       
bitmover
Hero Member
*****
Offline Offline

Activity: 728
Merit: 1250



View Profile
August 21, 2019, 01:48:38 PM
 #6

You should never open email from strangers.

Always look at the email. For example, I would immediately delete any email that comes from a jeck@sau23.org . What kind of domain is this? Certainly he is not from a big company, neither an University or whatever.

Just use common sense and don't even open an email that comes from a weird email address

hd49728
Sr. Member
****
Offline Offline

Activity: 518
Merit: 423



View Profile
August 21, 2019, 01:56:48 PM
 #7

You should never open email from strangers.

Always look at the email. For example, I would immediately delete any email that comes from a jeck@sau23.org . What kind of domain is this? Certainly he is not from a big company, neither an University or whatever.

Just use common sense and don't even open an email that comes from a weird email address
Weird or not weird, it does not matter at all. Just keep a key rule that Never open emails from strangers as you pointed out. Be careful with strangers, and stop immediately after looking at email addresses (if email addresses are strange, simply ignore).

Sometimes, we have emails from good strangers, with our works. So, ignoring all strangers emails can lead to missed chances. Personally, I use different emails; for my works  and for my crypto stuffs. I think people should create and dedicate emails for their crypto exchanges, only. Nothing more than crypto exchanges. For their works, and their business, dedicate others emails for those stuffs.

Anyway, even when you use emails for works, to check emails from strangers, don't click on links and download anything attached.


[ Mix coins ]
 
Your BITCOIN Transaction
made Truly ANONYMOUS
 

███████
█████████████████
████████████████████████
█████████████████████████████
██████████                    ██████████
█████████                          █████████
███████                                    ████████
          ███████                                        ███████        ██
          █████████████████████████████████████      ███
          █████████████████████████████████████  █████
          ████████████████████████████████████  ██████
        ██████████████████████████████████████████
  █████████████████████████████████████████
█████                                        ████████████
                                  ██████████████
██                          █████████████████████          ██       
█████              ███████████████████████          ████       
█████████████████████████████            █████████       
██████████████████                      ████████████         
██████████████████████████████████████       
████████████████████████  ███████   
    ██████████              █████
                      ████████
      ████████████████    █
        ██████████████████
                  █████      ███
                      █████
                    ████

Blender
 
The ULTIMATE BITCOIN Mixer
with an ADVANCED TECHNOLOGY
 

███████████     
███████████████████████     
████████████████████████████       
██████████████████████████████       
██████████████████████████████     
 

                                          █████████████
                                          ███████████
██████
                                          ███████████
██████
                                          ███████████
        ██
                                        ████████████
        ██
    ██                              █████████████
        ██
    ████                      ███████████████
        ██
    ██████              █████████████████
        ██
    █████████████████████████████
          ██   
      ███████████████████████████
          ███
      ██████  ████████████████████
        ████
      ██████████████████████████
  ██████
      ██████████████████████████
███████
  █████      ████████████████████
███
████          ████████████████
████ 
████          ████████████████         
████████████████████████


   
█████████████████████████         
███████████████████████████         
█████████    ██    ███    ██████████       
███████████    ██    ███     ██████████         
███████████    ██    ███     ███████████       
██████████████████████████████████       
██████████████████████████████████       
masulum
Hero Member
*****
Offline Offline

Activity: 658
Merit: 759


https://sale.kleros.io - Dispute Resolution Layer


View Profile WWW
August 21, 2019, 03:30:37 PM
 #8

You should never open email from strangers.


Maybe its easy for us to keep away from email from strangers. But, everyday new comer on crypto world is increased too, lot of them maybe think that email for bounty or airdrops as hd49728 stories above. With this thread, i hope all member who don't aware about link on online documents before, more aware about it after read this case.

thank you for your advice and for all member who give a suggestion to avoid stranger email, attachment or anything to safe online activity.

smartmixer.io▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
.Make your Cryptos untraceable!.
(( ███████ ((    TELEGRAM    )) ███████ ))
▄▄███████▄▄
▄███████▀███████▄
▄███▀▀▀ ▄▄▄ ▀▀▀███▄
▄███ ▄▀▀▀   ▀▀▀▄ ███▄
████ █  ▄   ▄█ █ ████
████▌▐▌ ▀█▄█▀ ▐▌▐████
▀████ ▀▄  ▀  ▄▀ ████▀
▀████▄ ▀▄▄▄▀ ▄████▀
▀█████▄▄ ▄▄█████▀
▀▀███████▀▀
.
NO LOGS
▄▄███████▄▄
▄██████▀▀▀██████▄
▄█████▀ ▄▄▄ ▀█████▄
▄██████ ▀   █ ██████▄
███████   █▀  ███████
████████▄ ▄ ▄████████
▀████▀         ▀████▀
▀███   ▄   ▄   ███▀
▀███████████████▀
▀▀███████▀▀
.
NO SIGN-UP
▄▄███████▄▄
▄███████████████▄
▄███████▀   ▀█████▄
▄████▀  ▀      █████▄
████     ▄▀▄  ▀ ▀████
███    ▄▀▄ ▄▀▄    ███
▀███▄▄  ▀█ █▀   ▄███▀
▀████████ ████████▀
▀███████████████▀
▀▀███████▀▀
.

70% COMSN
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
MIX NOW!
.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
▄  ▄  ▄  ▄  ▄

▀  ▀  ▀  ▀  ▀
harizen
Legendary
*
Offline Offline

Activity: 1778
Merit: 1257



View Profile
August 21, 2019, 05:38:18 PM
 #9


Honestly, people can't really avoid opening random emails or what. If ever spam filter doesn't work, there will be emails that will really head to our precious inbox no matter what.

What matter here is, people should use their common sense to determine whether the content of that email is sh*t or not. Might be hard for some newbies to determine whether what are those sh*t or not but that's not a reason why should they fall on the trap. There are lots of newbies nowadays who already saved by their common sense especially at this generation where more people are aware of those fishy attempts.

A malicious link will not do harm unless it got "click" - so always THINK BEFORE YOU CLICK.

███████ ███████ ███████
███████ ███████ ███████
███████ ███████ ███████
███████ ███████ ███████
▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄
███████ ███████ ███████
███████ ███████ ███████
███████ ███████ ███████
▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀
███████ ███████ ███████
███████ ███████ ███████
███████ ███████ ███████
███████ ███████ ███████
..SudokuWallet..██
██
██
██
██
██
██
██
██
██
██
██
██
                     ▄▄████▄▄
                    ▄████████▄

         ▄▄█████▄▄  █████████████████
       ▄███████████████████████████████
      ▄████████████████████████████████
      ██████████████████████████████████
      ▀██████████████████████████████████████▄▄
       ▀█████████████████████████████████████████▄▄
     ▄█████████████████████████████████████████████████▄▄▄▄▄
 ▄▄▄█
████████████████████████████████████████▀▀██████████████████▄
▀▀▀█████████████▀▀▀███
██████▀▀▀███████████           ▀▀▀▀▀▀▀
      ▀████████▀      ▀▀▀▀▀       ▀███████▀
       ▀▀████▀▀
██
██
██
██
██
██
██
██
██
██
██
██
██
          ▄ ▄▀▄
         █▄▀▄▀
        ███▀
      █▄██

       █
██
    ▄▄▀
   ██▄▄
  ▄▀  ▄▀ █
████▄
 █  ▄▀ ▄  █
█████
█ ▄▀  ▄▀ █ █
██████
█ █ ▄▀ █  ██
██████
▀▄▀▄█ █  ███
█████▀
 ▀▄▀█▄ █ ██
█████▀
   ▀▀████
████▀▀
Harlot
Hero Member
*****
Offline Offline

Activity: 1316
Merit: 614



View Profile
August 21, 2019, 06:48:51 PM
 #10

One way to avoid falling for these phishing traps is to be always aware about the situation because a lot of them can be convincing especially if you are really part of that organization or even related to something that they are saying. One way to do it is to always ask people you know that are also part of what you are doing since this is another way of confirming if the email that was sent to you was for real. The example above in the OP screams fraud but there are really others that are more convincing than this so you need to confirm everything first.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!