Sophos, the renowned security vendor recently posted about a new phishing attack trying to steal Google passwords via Red Cross website. According to the report posted by Sophos, the hackers send the unsolicited emails to users asking to open a link to Google Docs to know the sender’s profile.
Clicking on that Google Docs, you will land on a phishing page hidden away on the Ethiopian Red Cross Society’s website instead of Google. Graham Cluely, an expert at Sophos warned recipients against entering the Google Docs in email or to give any credentials as it straight away goes to the cybercriminals. 
Talking about this Phish Cluely, posted in company’s official blog, “At first glance, you might imagine you are logging into Google Docs to see the content from the email’s sender, but a closer examination of the URL bar reveals that this isn’t Google at all that you’re visiting, but instead a phishing page hidden away on the Ethiopian Red Cross Society’s website”.
He also added in his post that cybercriminals are using the attractive emails and calendars to incite users sharing their credentials. Sophos also informed the Ethiopian Red Cross Society about the security hiccup in their website.
In December 2012, Sophos released its Security Threat Report 2013 based on the impending threats of phishing attacks as BlackHole, Java attacks, Polymorphic attacks, Mac malware and Android threats.
