Phishing attack using Google Drive and McAfee URL shortener for legitimacy.

posted May 19, 2017, 10:32 AM by David Shettler
Attackers are realizing that some of us have been trained to read URL's, and not click on suspicious URL's.

In response they've begun filling their phishing emails with links to more trusted resources, such as Google Drive. Then, in a benign Google Drive share, they link you off to somewhere malicious.  In this case, we see them using McAfee's URL shortener in an attempt to add legitimicy. Thankfully, in this case, McAfee had already shut the link down by the time we could test it, but be aware that this may not always occur.

Moral of the story: don't blindly trust URL shorteners, and if you receive an email with a file share out of the blue that you were not expecting, and that is "out of character", don't click.







Comments