Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Phony Google Drive site tries to Phish multiple domains

I received the email below from a friend whose Gmail account had clearly been compromised (followed by an apology email from the same friend).

The email includes a link to sign into Google docs to view a “very important” document. Clicking on the link leads to a somewhat convincing page with login options for a variety of domains/services including Gmail, Yahoo, Windows Live, AOL, and if these are not covered, then any other account.

Google-docs phishing email

Clicking on any of the icons pops up the grey login box shown in the screenshot below. We define such a page as “greedy phishing” (this is an unofficial definition) as the phishers are not content with only stealing credentials to one site.

The page was stored on a compromised website ( that continued to function as usual while the phishing page ran within the site.

Google-docs phishing email destination website

You might also like

Phishing with QR codes

Don’t Scan or be Scammed By Maharlito Aquino, Kervin Alintanahin and Dexter To In 1994, a type of the matrix barcode known as the Quick Response code, now widely known as QR code, was invented by Masahiro Hara from a Japanese company Denso Wave. The purpose of the...