Google Drive currently has over a billion active users worldwide. With such wide adoption, the online storage service has inevitably attracted the attention of cybercriminals. They impersonate Google to get their targets to click on a link. The link redirects the user to a phishing site designed to harvest personal and banking data.
"Your storage is full"
Phishing emails targeting Google Drive users are common. A member of the 01Net editorial team has just received a new phishing attempt in his mailbox. The email states that "your cloud storage is full" and that "your photos, videos, contacts, files and private data may be lost".
The email plays on the fear that your Drive account storage is already full. As a reminder, Google Drive offers 15 GB of free storage space, shared between Google Drive, Gmail and Google Photos. By accumulating photos, videos or documents, you can quickly reach the limit set by Google. In this case, you have to turn to a paid Google One subscription, starting at €1.99/month for 100 GB.
The email looks a lot like real Google communications. It is not uncommon for Google to warn its users that their account storage is almost full. In our mailbox, we found several official emails warning us of the situation. However, Google does not warn us that we will soon have to switch to a paid offer. Furthermore, Google does not intend to delete the files currently stored. These will remain accessible in the cloud.
For its part, the fraudulent email claims that, as part of a "loyalty program", "you can receive 50 GB of additional storage by making a one-time payment of €1.99 before your files, media and private data are deleted". The scammers keep manipulating their target by offering a quick and inexpensive solution. The email adds that this is a "special offer expiring in 4:50 minutes", which increases the pressure on victims. At the bottom of the message is a button labelled "REPLY NOW!". If you click on it, you fall into the trap set by the criminals.
"Likely scams"
Contacted by 01Net, Benoît Grunemwald, cybersecurity expert at Eset France, states that these emails are not necessarily sent at random to every email address in the hands of hackers. In fact, "it is easy to distinguish" Google users "by their email address". All you have to do is check whether it is a Gmail address. "It is therefore possible to send this phishing only to the people concerned", specifies Benoît Grunemwald.
The researcher adds that "cybercriminals are setting up plausible scams", in particular because of the "numerous leaks of personal data that occurred in 2024". Last year, data leaks multiplied worldwide, and particularly in France. According to a study by Surfshark, data leaks affecting the French increased 14-fold in 2024 compared to 2023. France ranks fourth in the world among the most affected countries, with 146.4 million accounts compromised in 2024, compared to 10.8 million the previous year.
It is by using compromised data that hackers manage to design credible, effective scams that are likely to result in the theft of other sensitive information. Typically, hackers target banking data. With this data, scammers can steal money from your bank account.
How to protect yourself against Google Drive scams?
Despite the efforts made by cybercriminals, it is possible to avoid falling into the trap. In most cases, hackers use an email address that has nothing to do with an official Google address. A glance at the sender's address is enough to see that it is a scam.
However, sometimes hackers use an address that is very similar to a Google address. In fact, "the sender's email address can look very similar, or even be identical, to a legitimate address." Some seasoned hackers have found a way to send emails from a Google address. As Wired explains, scammers use Google Drive's comment feature to mention the victim in a shared document. This action generates a push notification on the target's device. This trick maximizes the phishing attack's chances of success.
Finally, "the easiest thing is not to interact with the message and to go to your Google account to check the status of its storage". This advice applies to all online services targeted by a phishing attack. Instead of taking everything the email says at face value, go directly to the platform in question.
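The two checks described above (the sender's address, then the content of the message) can be sketched as a small mail-triage routine; this is an added example, not code from 01Net, Eset or Google. It shows why the sender check alone is not decisive: a message relayed through a genuine Google address is still flagged by the pressure cues quoted in this article. Assumptions: `google.com` as the only trusted domain, a two-cue threshold, single-part plain-text messages, and constructed sample addresses.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_DOMAIN = "google.com"  # assumption: the only organisational domain we trust

# Pressure cues taken from the wording of the lure quoted in the article.
CUES = {
    "storage_full": re.compile(r"storage is full", re.I),
    "data_loss": re.compile(r"may be lost|are deleted", re.I),
    "payment": re.compile(r"one-time payment", re.I),
    "countdown": re.compile(r"expir\w+ in \d+[:.]\d+ ?minutes", re.I),
    "call_to_action": re.compile(r"reply now", re.I),
}

def triage(raw):
    """Return sender and content findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # Exact match or true subdomain only, so "google.com.example" is rejected.
    trusted = domain == TRUSTED_DOMAIN or domain.endswith("." + TRUSTED_DOMAIN)
    text = f"{msg.get('Subject', '')}\n{msg.get_payload()}"
    cues = sorted(name for name, rx in CUES.items() if rx.search(text))
    # A trusted sender is not decisive: a Drive comment notification carries
    # attacker-written text, so two or more pressure cues flag it anyway.
    return {"domain": domain, "trusted_sender": trusted, "cues": cues,
            "suspicious": not trusted or len(cues) >= 2}

LURE = ("Your cloud storage is full. Your photos, videos, contacts, files and "
        "private data may be lost. Receive 50 GB by making a one-time payment "
        "of 1.99 EUR. Special offer expiring in 4:50 minutes. REPLY NOW!")

# Constructed sample messages; addresses and domains are illustrative.
SAMPLES = {
    "lookalike": "From: Google Drive <no-reply@google.com.storage-alert.example>\n"
                 "Subject: Your storage is full\n\n" + LURE,
    "drive_comment": "From: Drive comments <comments-noreply@docs.google.com>\n"
                     "Subject: You were mentioned in a document\n\n" + LURE,
    "routine_notice": "From: Google <no-reply@accounts.google.com>\n"
                      "Subject: Your account storage is almost full\n\n"
                      "Review your storage in your Google Account.",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, triage(raw))
```

A "suspicious" result here means the message should not be acted on; the storage status is then checked directly in the Google account, as advised above.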