Archivo de la etiqueta: phishing

(Otro) Ejemplo de phishing

Hola,

después de un tiempo sin publicar, os traemos un intento de phishing que ha llegado a nuestro correo, en este caso el contenido del mensaje es el siguiente:

contenidocorreo

De primeras ya es sospechoso, no conocemos al emisor del mensaje, el asunto del que nos está hablando no nos suena, y el primer error en el correo nos le encontramos en la redacción, ya que firma el mensaje con el nombre de Marta, pero en el correo aparentemente se llama Eduardo. Sigue leyendo (Otro) Ejemplo de phishing

Phishing en el correo??

Hoy os vamos a contar un caso real con el que nos encontramos hace una semana en nuestra bandeja de correo.

Sabéis las típicas cuentas de email antiguas que se convierten en la dirección con la que registrarte en todos lados cuando se necesita algo de internet que requiere un registro, pues revisando ese correo nos encontramos el siguiente mensaje:

mail2 Sigue leyendo Phishing en el correo??

Phishing in Google Drive

Hello there!

Today we have very interesting news about something we heard some days ago and that it is not being discussed. Symantec has informed about a phishing campaign that is used by Google Drive as bait for gaining information.

The trick is really simple, but very interesting at the same time, because it is very easy to be cheated. The user receives an email with a shared document. Once the user (that is being attacked) has clicked on the link, he is automatically redirected to a fake webpage that impersonates Google Drive’s login screen.

 

Phishing Google
Phishing Google

After entering the access credentials, this information is sent to a PHP script of a web server.

The special feature of this phishing is that the fake webpage is inside Google servers and it uses SSL (Secure Sockets Layer), so that you may think the webpage is real because is very similar to the original one.

Furthermore, after sending the access credentials, you are redirected to the real Google Drive in order to be unnoticed.

How do they do this? They have created a public folder in Google Drive and they have obtained a public URL by uploading a file. Thanks to this URL, they can send fraudulent messages.

Why do they attack Google and Gmail? Because both are very interesting for this kind of attacks, since the access to these services usually means the access to many other services where we are registered or where we have an account.

So if something similar happens to you, you should be suspicious. If you are already connected to your e-mail account, why do you have to put your credentials to access to Google Drive?

We hope you find this information useful.

Sources:

http://googlelizados.com/2014/03/14/phishing-google-drive/ (In Spanish)

http://thehackernews.com/2014/03/watch-out-scammers-targeting-google.html

Translate by: Cristina Serrano