The Goldendale Sentinel - Headlines & History since 1879

By Lou Marzeles

Warning: don't let Google Drive


Screen Shot

BEST ADVICE?: Don't open it. Google Drive documents scams are hitting all of Klickitat County and beyond.

The Nigerian lottery scam, still a perennial favorite, runs on greed, offering the promise of dizzying riches yours just because some kindly benefactor in Africa chose your name. Hey, it could happen. The newly revived Google Drive scam runs on sheer curiosity, and because it's far lesser known, it's plying a steady trade these days. Especially lately in Klickitat County.

Hundreds of bewildered computer users across the county are getting mysterious messages right from Google, it appears, asking them to edit a document on Google Drive called "Remittance Advice." Sounds important, whatever it is. Everybody knows not to open an email attachment, but what could go wrong by going to a Google Drive link?

What goes wrong is that your email is hacked. Once inside your Google email account, the scammers have access to all the email addresses of those with whom you've communicated since the last Ice Age. Once those are obtained, it then sends the same baited-hook message to all of them. More significantly, unless your password is changed, it can mine your emails for references to highly sensitive information.

Google Drive is a cloud-based service of Google where users can place documents of every kind, for both personal use and to share with others as allocated. For this scam, the perpetrators simply create a real folder inside their own Google Drive account, mark it as public, upload a file there, and then used Google Drive's preview feature to get a publicly accessible URL to include in their messages. That means, they bait, you bite.

Screen Shot

WARNING SIGNS: In this example, recently used devices settings show that the user's Google account was accessed from Romania and Costa Rica.

The scam was first observed in 2014. At that time Google said it would fix the issue to make it unable to work. Since then it has kept on working. It was active during stretches of 2015 and is now enjoying a huge renaissance in recent months.

The best way to avoid it, of course, is not to follow the link. But if that ship has sailed, the best recourse is to immediately change your Google password. Then check your Google email settings and look at the Filters tab. The attackers sometimes set filter functions in your account so that as soon as anyone responds to the spam email, the email is immediately deleted and does not appear in the inbox. In this way the attackers try to ensure that nobody could quickly inform and warn others by email.

Traffic for the scam email is sent through a variety of countries. If you want to see what travel decals yours picked up on its vacation, you can check it in Settings by looking at the devices used to log in to your email.


Reader Comments


Powered by ROAR Online Publication Software from Lions Light Corporation
© Copyright 2019