Security researchers from Finnish antivirus vendor F-Secure have found phishing forms stored as spreadsheets on Google Docs, outlining yet another way in which legitimate services are being abused by cyber criminals.
The F-Secure researchers have found several such rogue spreadsheets which seem to be part of different phishing campaigns.
"
Spreadsheets can even contain functionality, such as forms, and these can be published to the whole world. Unfortunately, that means we regularly see phishing sites via Google Docs spreadsheets and hosted on spreadsheets.google.com,"
says F-Secure's Chief Research Officer, Mikko Hypponen.
In one case, a spreadsheet titled "webmail account upgrade" contains fields for inputting webmail account credentials. In another, a form is gathering student data.
One page, claiming to be a Google Voice account transfer form, is crafted so well that not even the F-Secure researchers are sure if it's legitimate or not.
On one hand it asks for Google Voice numbers, e-mail addresses and secret PIN codes, so it looks like a phishing scam, but on the other, Google employees have linked to it on support forums.
More details -
link