Phishing attack attempts to steal Google passwords via Red Cross website

Always be careful about the links that you click on in unsolicited emails – are they really taking you where you think they’re taking you to?

That’s an important lesson for all computer users to learn, and it’s brought home by this email we intercepted overnight:

Subject: Re: Order

Message body:
Thanks for the email, i have tried to send you our company profile but its not going through, so i have decide to send it via Google Docs. all email account work with Google Docs all you need to do is to click the link below and login to view the document.

Click here to View

And get back if you will like to do business with us thanks.

James

So, what do you imagine happens if you click on that link?

Well, you will end up on a website looking like this:

At first glance, you might imagine you are logging into Google Docs to see the content from the email’s sender – but a closer…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.