Got this gem in my inbox this afternoon:
Did a quick Google and found a bunch of references to this as a phishing scheme. The poor grammar and funky URL tipped me off.
Always be diligent, my friends.
Yet Another Phishing Scheme
Tag: phishing
I Received A Phishing Phone Call Today: Beware, My Friends
This afternoon my office received a phone call from “800”. I had just finished one project and was reviewing my notes when this popped up. In a good place to deal with random distraction, I opted to grab the call. As the tech-savviest of my office mates, I’m glad I got this one.
Female Robot Voice: “Your Windows license has expired and your account has been compromised…” at which point, I hung up. Now, a malicious part of me thought I should’ve played this up and trolled the phisher, but, no. I do have a ton of real work to do. Stuff that brings money into the company. But I really did want to disturb these creeps.
It’s not the first of these phishing phone calls I’ve received, just the first one like this one. Different verbiage, different delivery mechanism, but, in the end, the same deal.
So, no, this isn’t legit. No, Microsoft isn’t monitoring YOUR computer. Oh, and Windows licenses don’t “expire”. Last but not least, whether it’s a phone call or a pop-up on your browser, your machine probably isn’t compromised. Exception: if the antivirus software YOU installed is telling you this, it might be legit. In that case, along with anything repeatedly popping up on your computer, consult an expert.
And the Google Docs Phishing Scheme Continues
I just got this message from my college (taking an AutoCAD class at Edmonds Community College). It’s the Google Docs phishing scam. You get an email from someone you know that has “shared a document on Google Docs with you”.
Rule #1 with this sort of thing: DON’T CLICK THE LINK!
This has been around the interwebs for some time. The very first of these I saw, I called the sender and asked. And I’m sure you know what they said.
Now, if someone says they got one of these from you, it’s possible your account’s been compromised. It’s also possible you’re being spoofed (someone forged your email address in the “from” spot…it’s pretty easy, actually). I recommend immediately changing your password, since it won’t hurt. You should be regularly changing your passwords, anyway (yeah, yeah…I know…).
Anyway, live your digital life with a healthy dose of suspicion. Trust but verify, and any of a number of other security-esque cliches.
Clearly this is starting to grow again. Here are two articles to explore this fun further (both posted today)
- Did Someone Just Share a Random Google Doc with You? (The Atlantic)
- Don’t Open Google Doc Unless You’re Positive It’s Legit
Practice safe computing!
Subject: “<some name you may recognize> has shared a document on Google Docs with you”
Message:
“_______ has invited you to view the following document:”
“Open in Docs” <—– DO NOT click on this link!
——————————
Do not open the document! Immediately mark the email as Spam or Delete it. This is a widespread phishing scam targeting Google Apps. If you accidentally opened the Doc, your email account may be compromised, and your email address will continue to send the scam to everyone in your contact list. Several people at EdCC have already been fooled by this scam, so you may receive this email from someone familiar, such as your instructor, staff at EdCC, or other students.
We urge you to change your password and visit your account security page in EdMail to verify the applications that have access to your data in Google Apps.