Beware: New Gmail Scam Uses Phishing to Access Personal Info

Submitted by master on Mon, 04/07/2014 - 13:55
We wrote recently about the Netflix scam that uses a fake Netflix access error page to entice you to call a bogus customer service agent, install spyware and pay for the privilege. This scam is outrageous, but it's only one of many scams sweeping the web right now. Today we look at a new Gmail scam that can put all of your personal information at risk and can be difficult to recognize as a scam – that's what makes it so dangerous.

The bogus log-in screen for Google Drive scam is hard to spot

Many Google scams are active right now or have been tried in the past, but this one centers on Google Documents. It starts with an email with the subject line “Documents” and a link to a Google log-in page. The page will look like your standard Google home page where you log in to Google Drive. Depending on your operating system and setup, the page will vary in how it looks, but it will look identical to the Google Documents (aka Google Drive) page you normally use.
If you don't make a practice of using Google Documents, definitely don't follow this link. And even if you do use it, you shouldn't blindly follow a link. The link could come from someone you know if their Google account has been compromised or could appear to come from Google or someone random. This scam is very sophisticated, which is what makes it so hard for victims to realize they are being scammed.
The page was created in a folder on Google Drive that's then shared publicly. This means that Google is hosting the page for the scam (even though they aren't participating in or endorsing it), so the URL for the link does start out with Google.com and seems legitimate. If you ever share Google Docs with anyone, you've likely been prompted to log in on a screen just like this, so it won't raise any alarm bells.
But once you log in, your user name and password are sent to a PHP script on a scammer's server. You don't see this happen, and after you sign in, you're sent on to a Google document, so you may not even realize you've been hacked. With your Google user name and password, the scammers can access your browsing history, Gmail and Google Play.
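Because the page is served from a trusted host while the form hands the password to a different server, one check a defender can run on a saved copy of a suspicious log-in page is to compare the form's target host with the host that served the page. The following is an added example, not code from the original article; the URLs, HTML and function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample: a login page served from one host whose form posts to another.
PAGE_URL = "https://filehost.example/shared/folder/login.html"
SAMPLE_HTML = """
<form method="post" action="https://collector.example/save.php">
  <input type="email" name="Email">
  <input type="password" name="Passwd">
</form>
"""


class FormCollector(HTMLParser):
    """Record each <form>'s action and whether it contains a password field."""

    def __init__(self):
        super().__init__()
        self.forms = []       # [{"action": str, "has_password": bool}, ...]
        self._open = None     # form currently being parsed

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self._open = {"action": attrs.get("action") or "", "has_password": False}
            self.forms.append(self._open)   # recorded even if never closed
        elif tag == "input" and self._open is not None:
            if (attrs.get("type") or "").lower() == "password":
                self._open["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None


def off_host_password_targets(page_url, html):
    """Hosts that would receive a password but are not the host serving the page."""
    collector = FormCollector()
    collector.feed(html)
    collector.close()
    page_host = (urlsplit(page_url).hostname or "").lower()
    targets = []
    for form in collector.forms:
        # An empty or relative action resolves to the page's own host.
        host = (urlsplit(urljoin(page_url, form["action"])).hostname or "").lower()
        if form["has_password"] and host != page_host:
            targets.append(host)
    return targets
```

The host comparison is deliberately strict, so a legitimate sign-in page that posts to a sibling subdomain is also reported and needs an allowlist; forms submitted by script rather than by a static `action` are not covered.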
If you save any site passwords, financial information, bank logins or other sensitive data, all of this can be compromised. According to Symantec, clients that use their security products are protected from this threat, but other antivirus and security programs may not protect you. To protect yourself from this and other phishing scams, you should never open an email from someone you don't recognize and definitely don't click on any link that you don't know is 100% legitimate.
In the case of this scam, even if the email comes from someone you know, if you weren't expecting a Google Doc from them, don't open it. Instead, contact them (not with a reply to the email, but a new email) and confirm that they sent you something before you open it. Also, don't store credit card information, passwords or log-ins in your Gmail, contacts or on your calendar. As frightening as it sounds, you're safer writing down any passwords you can't remember and putting the paper in a physical lockbox in your home. Scary when paper may be more secure than digital!