The Latest in IT Security

Phishing Sites Hosted on Google’s Servers

30
May
2011

Google Docs allows users to create documents, spreadsheets, et cetera at google.com (hosted in Google’s cloud):

spreadsheets.google.com

Spreadsheets can even contain functionality, such as forms, and these can be published to the whole world.

Unfortunately, that means we regularly see phishing sites via Google Docs spreadsheets and hosted on spreadsheets.google.com.

Here are some examples:

spreadsheets.google.com

spreadsheets.google.com

spreadsheets.google.com

These are nasty attacks, as the phishing pages are hosted on the real google.com, complete with a valid SSL certificate.

spreadsheets.google.com

While researching these, we ran into this Google spreadsheet form:

spreadsheets.google.com

And for the life of us, we just can’t figure out if this is phishing or if it’s a valid page run by Google.

Initially, the page obviously looks like phishing: it’s hosted on the public spreadsheets.google.com server where anyone can host forms. And it asks for your Google Voice number, your e-mail address and the secret PIN code.

But then, you can also find that apparent Google Employees are linking to the form.

So, we can’t figure it out. Can you?

Here’s the URL to the form:
https://spreadsheets.google.com/viewform?formkey=cjlWRDFTWERkZEIxUzVjSmNsN0ExU1E6MA

We don’t recommend using the form. But if you can figure this one out, let us know via comments.

Leave a reply


Categories

SATURDAY, NOVEMBER 18, 2017

Featured

Archives

Latest Comments

Social Networks