Search
Close this search box.

Phony Google Drive site tries to Phish multiple domains

I received the email below from a friend whose Gmail account had clearly been compromised (followed by an apology email from the same friend).

 The email includes a link to sign into Google docs to view a “very important” document. Clicking on the link leads to a somewhat convincing page with login options for a variety of domains/services including Gmail, Yahoo, Windows Live, AOL, and if these are not covered, then any other account.

Google-docs phishing email

Clicking on any of the icons pops up the grey login box shown in the screenshot below. We define such a page as “greedy phishing” (this is an unofficial definition) as the phishers are not content with only stealing credentials to one site.

The page was stored on a compromised website (frontroom.org.uk) that continued to function as usual while the phishing page ran within the site.

Google-docs phishing email destination website