We are observing a new method to host spam information using Google Docs. Google Docs is an online application which allows users to create and share documents online.
Quoting Google about what does this application allow to do:
“• Upload from and save to your desktop
• Edit anytime, from anywhere
• Pick who can access your documents
• Share changes in real time
• Files are stored securely online
The biggest asset of it is: It’s FREE!”
And this is exactly why the spammers use it.
Once accessed, the content hosted by Google is a simple HTML document, as shown in Figure 2.
Why are the scammers going through this trouble? The Google domain will never be blocked by an antispam product. Furthermore, an antispam product which sees such a “non-spammy” link inside the email will likely mark the email in favor of ham instead of spam. Just to confuse the web filters which can heuristically detect the website as spam, they added also some junk text at the end of the document.
This is already the second attempt to misuse Google online application. We have seen in the past spams using Google Calendar, another online application.
Manager International Software Development