Security researchers see a large volume of daily phishing attacks each day, but a recent phishing attempt to compromise Google Docs users has sent up red flags, according to a blog recently published by Symantec.
The e-mail has a title of "Documents" and tricks users to view "an important document" via Google Docs by clicking an included link. Instead of going to the traditional Google Docs login page, a convincing fake Google Docs login page is where users end up. Even worse, the phishers are running the fake page on Google servers with SSL support, and when a user enters information, a compromised server receives the PHP script.
Following a compromised user logging in, a redirected page takes users to an authentic Google Docs file - a very convincing phishing effort.
Cybercriminals created the phony page using a folder inside a Google Drive account, which was set to public, then uploaded a file. Compromised Google credentials provide access to Gmail, Google Play, and other Google accounts, so this is a major security issue that users need to be aware of.