There is a new report that scammers have exploited a flaw in Google Drive to send out legitimate emails and push notifications from Google that, if opened, could land people on malicious websites. The scam uses the collaboration feature in Google Drive to generate a notification inviting people to collaborate on a document. If tapped, the notification takes you directly to a document that contains a very large, tempting link. An email notification created by the scam, which also comes from Google, likewise contains a potentially malicious link.
If you have a Gmail account, you know that they do a pretty good job of filtering out spam, but these messages get to your inbox because they are generated by Google. By default, Drive wants you to know when someone has mentioned you on a document. In a work setting, this could be a colleague asking you to check over a slide in a presentation or a brief for a new project. For scammers, it’s a clever way of putting a malicious link right in front of a potential victim.
Be cautious of Google Drive notifications and verify with the collaborator that the notification is legitimate. For UTHSC business and data, use the existing Microsoft tools (Teams, SharePoint and OneDrive) for collaborating and storing data.
Also reported to firstname.lastname@example.org this week:
[Ext] Email Security and Spam Filter Disabled – made to look like it came from “IT”, but the sender misspelled Tennessee in the address field.
[Ext] Re: Change Payment method to invoice – supposedly from Microsoft, but the sender was NOT a Microsoft account; the message asked the recipient to click a link to pay an invoice.
[Ext] Win $11k to fund your dream activity for your college club! – a too-good-to-be-true scam.
We are now starting to post emails forwarded to Abuse in our Phish Bowl, found at https://uthsc.edu/its/cybersecurity/phish-bowl.php. Bookmark this page for ease of use, so that if you get a phishy email you can check whether it has already been reported.