Phishing Attack Leads to Phony Google, Compromised Red Cross Sites

An apparent phishing scam involving fake Google and Red Cross websites is making the rounds according to security firm Sophos, which intercepted a spammy e-mail this morning that tries to send unsuspecting users to less than genuine versions of those sites.

An apparent phishing scam involving fake Google and Red Cross websites is making the rounds according to security firm Sophos, which intercepted a spammy e-mail this morning that tries to send unsuspecting users to less than genuine versions of those sites.

An email with the subject line, “Re: Order” tries to get the user to view a document on a site that at first glance, appears to be Google Docs. Upon closer inspection the site is actually a hacked version of the Ethiopian Red Cross’ website. With a collection of well known logos to the right, the site claims to be a “Customer Center Login” for Google Docs, yet the site’s URL clearly says the site is hosted on redcrosseth.org.

If a user were to actually login to the page, they’d almost certainly be handing over their Google/Gmail credentials to attackers on the back end.

While users should always double check links before clicking through, going forward, it wouldn’t hurt to verify links before clicking them in emails that appear to come from the Red Cross. According to the blog post, Sophos has already contacted the Ethiopian Red Cross to let them know their site appears to be compromised.

For more on the phishing email, head to Sophos’ site.

Suggested articles

It’s Not the Trump Sex Tape, It’s a RAT

Criminals are using the end of the Trump presidency to deliver a new remote-access trojan (RAT) variant disguised as a sex video of the outgoing POTUS, researchers report.