Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Phony Google Drive site tries to Phish multiple domains

I received the email below from a friend whose Gmail account had clearly been compromised (followed by an apology email from the same friend).

Google-docs phishing email

The email includes a link to sign into Google docs to view a “very important” document. Clicking on the link leads to a somewhat convincing page with login options for a variety of domains/services including Gmail, Yahoo, Windows Live, AOL, and if these are not covered, then any other account. Clicking on any of the icons pops up the grey login box shown in the screenshot below. We define such a page as “greedy phishing” (this is an unofficial definition) as the phishers are not content with only stealing credentials to one site.

The page was stored on a compromised website ( that continued to function as usual while the phishing page ran within the site.

Google-docs phishing email destination website

You might also like

What is Microsoft Office 365 Advanced Threat Protection?

Office 365 Advanced Threat Protection (also known as ATP and Defender) can provide your organization with advanced security features - keeping you protected from cybersecurity threats. With today's cybersecurity landscape, where new threats appear daily, if not...