[Phishing] Be careful if you received file-sharing using Google Docs

[masulum]

Be careful when opening emails sent from Google Docs. recently, it was reported that phishing was found from file-sharing that was shared via email. By this Google Drive service, phishing owners share documents with targets on behalf of someone who has an important role in the company and included phising link on his documents.


here is the screen shot of timeline:







indeed, there are currently no reports at the expense of exchange users or those related to crypto. But here I want to warn you all to be careful if you receive a similar e-mail in the future. as we know Google Docs is very commonly used for bounties and airdrops registrations.

Source: https://cofense.com/phishing-campaigns-imitating-ceos-bypass-microsoft-gateway-target-energy-sector/

[1715240187]

1715240187

[1715240187]

1715240187

[1715240187]

1715240187

[1715240187]

1715240187

[1715240187]

1715240187

[DdmrDdmr]

<…>

If I’ve interpreted the case properly (after reading the OP and the source), the phishing link was within the document on Google Drive. The precaution to always be wary of any link should persist, and here the Google Drive doc has a malicious one enclosed.
 
The initial stepping-stone in this case what that the corporate email was sent from within Google Drive, when the corporate email naming convention did not use that method. Likely though, not everyone in a corporation will be looking out for this, and thus they may easily proceed to the content rather than examine the continent.

[masulum]

If I’ve interpreted the case properly (after reading the OP and the source), the phishing link was within the document on Google Drive.
<snip>

Correct, they used document to share malicious link as you say.

[Velkro]

Correct, they used document to share malicious link as you say.

Its to confuse less tech savy people because they didnt enter any phishing link, they entered trusted google service.
Common trick to use trusted website to then redirect to malicious link.
People will always come with new trick to confuse others. Its like hackers and system admins, ethernal everlasting battle between them with wins on both sides.

[hd49728]

It is always right to be careful of emails from strangers.
1. Don't click on emails from strangers to open
2. Don't download any attachments, files, docs, ie. from strangers
3. If already download documents from them, don't click on links.
However, it is always best to stop instantly at the step #1.

The thread reminds me that sometime ago, I saw one guy posted a thread on list of bounty and have link to a site that activate warning from my Kaspersky Internet security software. From that day, I know (from my own experience) that it is always risksy to click on strange links, even my computers have protections.

[bitmover]

You should never open email from strangers.

Always look at the email. For example, I would immediately delete any email that comes from a jeck@sau23.org . What kind of domain is this? Certainly he is not from a big company, neither an University or whatever.

Just use common sense and don't even open an email that comes from a weird email address

[hd49728]

You should never open email from strangers.

Always look at the email. For example, I would immediately delete any email that comes from a jeck@sau23.org . What kind of domain is this? Certainly he is not from a big company, neither an University or whatever.

Just use common sense and don't even open an email that comes from a weird email address

Weird or not weird, it does not matter at all. Just keep a key rule that Never open emails from strangers as you pointed out. Be careful with strangers, and stop immediately after looking at email addresses (if email addresses are strange, simply ignore).

Sometimes, we have emails from good strangers, with our works. So, ignoring all strangers emails can lead to missed chances. Personally, I use different emails; for my works  and for my crypto stuffs. I think people should create and dedicate emails for their crypto exchanges, only. Nothing more than crypto exchanges. For their works, and their business, dedicate others emails for those stuffs.

Anyway, even when you use emails for works, to check emails from strangers, don't click on links and download anything attached.

[masulum]

You should never open email from strangers.

Maybe its easy for us to keep away from email from strangers. But, everyday new comer on crypto world is increased too, lot of them maybe think that email for bounty or airdrops as hd49728 stories above. With this thread, i hope all member who don't aware about link on online documents before, more aware about it after read this case.

thank you for your advice and for all member who give a suggestion to avoid stranger email, attachment or anything to safe online activity.

[harizen]

Honestly, people can't really avoid opening random emails or what. If ever spam filter doesn't work, there will be emails that will really head to our precious inbox no matter what.

What matter here is, people should use their common sense to determine whether the content of that email is sh*t or not. Might be hard for some newbies to determine whether what are those sh*t or not but that's not a reason why should they fall on the trap. There are lots of newbies nowadays who already saved by their common sense especially at this generation where more people are aware of those fishy attempts.

A malicious link will not do harm unless it got "click" - so always THINK BEFORE YOU CLICK.

[Harlot]

One way to avoid falling for these phishing traps is to be always aware about the situation because a lot of them can be convincing especially if you are really part of that organization or even related to something that they are saying. One way to do it is to always ask people you know that are also part of what you are doing since this is another way of confirming if the email that was sent to you was for real. The example above in the OP screams fraud but there are really others that are more convincing than this so you need to confirm everything first.