Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Phony Google Drive site tries to Phish multiple domains

I received the email below from a friend whose Gmail account had clearly been compromised (followed by an apology email from the same friend).

Google-docs phishing email

The email includes a link to sign into Google docs to view a “very important” document. Clicking on the link leads to a somewhat convincing page with login options for a variety of domains/services including Gmail, Yahoo, Windows Live, AOL, and if these are not covered, then any other account. Clicking on any of the icons pops up the grey login box shown in the screenshot below. We define such a page as “greedy phishing” (this is an unofficial definition) as the phishers are not content with only stealing credentials to one site.

The page was stored on a compromised website ( that continued to function as usual while the phishing page ran within the site.

Google-docs phishing email destination website

You might also like

Phishing with QR codes

Don’t Scan or be Scammed By Maharlito Aquino, Kervin Alintanahin and Dexter To In 1994, a type of the matrix barcode known as the Quick Response code, now widely known as QR code, was invented by Masahiro Hara from a Japanese company Denso Wave. The purpose of the...