Analysis by: Mary Jen Sen Chua

We found email messages pretending to be from Google Docs. The message attempts to lure users into a phishing site mimicking Google Docs (now known as Google Drive), a legitimate cloud storage service from Google. The mail asks users to sign-in a particular Google Docs, Gmail, Yahoo!, Windows Live, AOL etc. Once done, users are redirected to the legitimate Google Drive page in order to downplay its malicious activity.

These credentials are sent then to cybercriminals, who will either peddle the data to the underground market of use these for their other schemes.

Users must always be cautious before downloading or clicking links contained in dubious-looking messages. Better yet, verify if the message received is legitimate or now. The spam mails and malware were already detected and blocked by the security solutions powered by the Trend Micro™ Smart Protection Network™.

 SPAM BLOCKING DATE / TIME: 18 August 2013 GMT-8
 TMASE
  • TMASE Engine: 7.0
  • TMASE Pattern: 0090