The Spokesman-Review Newspaper
Spokane, Washington  Est. May 19, 1883

BBB Tip of the Week

Scammers are trying to get your Google log-in credentials, and emails prompting you to go to an important document are setting the trap.

In previous versions of this phishing scam, malware downloads were involved, but Google has thwarted those attempts. However, as before, scammers are using a publicly accessible file in a Google Drive account that is actually a webpage mimicking the Google log-in page. The new twist is that they are using something called “code obfuscation,” which muddies up the true intent of the code, making it hard to detect.

When you input your user name and password into the look-alike form, the code sends the information to the scammers. Also, because the webpage file is within a Google Drive account, the website appears real, is protected by Google’s security certificates (“https”) and has “google.com” as part of the Web address. All of this makes the phishing scam very difficult to detect.

Because of the single sign-on for all Google apps, once the scammers have captured credentials, they have access to all connected Google apps, including Gmail. With access to email, the scammers can then search for financial account emails and request user names and password resets for those accounts.

Better Business Bureau offers the following tips to avoid this tricky phishing scheme:

Don’t respond to unexpected email requests to share files through Google Drive. The email can come from a stranger or someone you know who has had their account compromised.

Start at www.google.com whenever you want to log in to your account, and then navigate to the Drive app to see if a friend has really shared a file. By always logging in this way, you will avoid the impostor phishing webpage.

Use two-step verification for your Google account. You can get more information on how to set this up at www.google.com/landing/2step/. Consider setting up two-step verification for all online financial accounts to prevent takeovers should your email account be hacked or compromised.

Report suspicious emails to Google by using the “Report Phishing” option, which can be found by clicking the down arrow next to the “Reply” button for the email in question.

If you think your Google account has been compromised, be sure to carefully read and follow the steps in the security checklist at https://goo.gl/0IynTV.

For more tips you can trust, visit BBB at www.bbb.org/eastern-washington or call (509) 455-4200.

Erin T. Dodge, BBB editor