A flaw in Google Drive is now reportedly being used to send out seemingly legitimate emails that, if opened, could land people in harmful websites. The general method of pushing messages with dodgy links is as old as the internet itself. But it has still proven to be as effective for scammers since many can still be caught off guard.
The smartest part of this new scam is that the emails and push notifications are generally sent from Google. Smartphones can get easily exploited since the scam uses the sync feature in Google Drive to generate a notification. The messages are then used to invite people to download and view the document attached.
If a user taps the notification, it directs to a document that contains a long, tempting link. The link then redirects you to a malicious website that could then be used against you.
What’s really interesting is that the initial message is not taken to spam but uniquely makes it into one’s inbox and gets an added layer of legitimacy by coming from Google itself.
These hackers/scammers work their way through a huge list of Gmail accounts. This has been confirmed by scores of people reporting similar versions of the attack in recent weeks.
A number of people in Kenya have actually reported receiving such emails including Android Kenya’s Emmanuel Echenze.
Google Drive has been hijacked by spammers. What kind of notifications are these? pic.twitter.com/RlCX6dTDG6
— 𝖊 𝖈 𝖍 𝖊 𝖓 𝖟 𝖊 with AI (@echenze) November 2, 2020
According to WIRED, most if not all of these emails are in Russian or broken English with documents that have nonsense names. Like we have seen in previous scams, some of the messages lure users to click on links to deals and prize draws.
This news comes a few months after the Directorate Criminal Investigations had warned Kenyans of a similar scam. Scammers had been sending emails with links that apparently sell personal protective equipment amid the COVID-19 outbreak. This was a method that turned out to leave many with their devices riddled with malware.