The fake Google Drive page comes as a "like" in an email with the subject “Documents,” and urges the recipient to view an important Google Doc. The link takes users to a very realistic-looking page that is actually hosted on Google’s servers and protected by SSL to appear even more convincing.
Symantec, the cybersecurity firm that noticed the phishing scam, wrote on its blog that the scammers simply created a folder inside of a Google Drive account, marked it as public, uploaded a file there, and used the preview feature in Google Drive to get a URL that they could include in the email. Once a user enters his or her credentials and clicks “Sign in,” the information is sent to a compromised server and the user is redirected to a real Google Docs document, leaving most users completely unaware that anything “phishy” has happened.
Google’s recent efforts to unify its myriad services into one user account means that if a user logs in to this fake Google Drive article, the scammers will have access to the person’s Gmail account, Chrome browsing information, and anything saved in Google Docs, and even be able to purchase things from the Google Play store. They could also use this information as a starting point for breaking into other online accounts.
As always, people need to remain vigilant online by never clicking on unknown links or opening emails from unknown senders, and always updating security software and Web browsers.