Forum Index \ DriveHQ Customer Support Forum \
Read/Reply : 27881/1
  • DriveHQSupport
  • (651 posts)

Today, a few users reported that when they access certain web pages on DriveHQ.com, Google's Chrome browser displays a red alert page saying:

    "Phishing attack ahead. Attackers on www.drivehq.com might try to trick you to steal your information (from example, passwords, messages or credit cards).

After checking on Google's webmaster tool, we noticed that there were 3 bad users who posted bad files on DriveHQ.com. We have promptly disabled the 3 bad users and their files are removed. So the alert page should go away once Google refreshes its database.

How does it affect our site security?

The short answer is it does not affect our site security.

DriveHQ has offered more than a dacade of cloud service. We never had any security breaches. The information displayed on Google's Chrome browser is not accurate. It happened because DriveHQ offers hosting services. With over 2 million registered users, we have many users sharing / publishing files on DriveHQ.com, some of them even publish personal or business websites on DriveHQ.com. From time to time, we have a few bad users publishing bad contents. Such users are usually detected or reported quickly and their accounts are disabled.

In certain cases, we may fail to detect such abuses promptly. However, it still does not affect our site security. A user visiting www.drivehq.com will have absolutely no way linking to the phishing page; a DriveHQ member accessing his account will be totally separate from the bad user account.

Ironically, the biggest risk comes from visiting another website that links to the phishing page. A bad user usually will post the phishing links on other websites, or send phishing emails containing the link; a search engine like Google may index the phishing page, and if the content of the phishing page is not detected by Google, then clicking on the Google search result could be dangerous.

Why does it happen to DriveHQ?

Service abuse can happen to any cloud service providers. It happens more frequently to free service providers. DriveHQ mainly targets business customers. However, we do offer limited hosting service to free service users. We have developed many technologies to prevent service abuse, e.g. free service users can only send very few emails per day; they can only log on our FTP server 25 times/day; and they must provide a business email address to use our publishing feature. With these efforts, DriveHQ has experienced fewer service abuses than most of other cloud service providers. In this case, use Gmail as an example, most of our abusers use a free gmail account. Such gmail accounts were created specifically for fraudulence. Of course, those fraudulent gmail accounts will not make your use of gmail less secure. They just create problems for other cloud services.

We will continue working hard to fight service abuses.

 

The solution

It probably will just take a few hours for Google to refresh its database. In the meantime, you have a few options:

(1) Ignore the warning and continue visiting the DriveHQ web page, assuming you are accessing DriveHQ web pages in a normal way and not being linked to a web page published by a user that you don't know.

(2) Try a different web browser, such as Internet Explorer, Safari or Firefox. 

(3) Use DriveHQ FileManager client software.

(4) Use WebDAV Drive Mapping or FTP.

 


9/17/2014 11:41:55 AM

  • DriveHQSupport
  • (651 posts)
Subject: Re:Regarding "Phishing attack ahead" on DriveHQ.com - Update

We are very disappointed by Google's slow response. Six hours after we contacted them, Chrome browser still displays the red alert page when users visit certain pages on DriveHQ.com.  Granted, there is no security breach, but Google is hurting our reputation!

The core of this issue is about a couple bad users abusing our service by posting some bad files. The user accounts have been disabled and the files have been deleted. The bad users signed up a free DriveHQ account using a free gmail account. Google should really label gmail.com as a phishing website.

Anyway, our engineers have worked around the problem by updating our URLs. The alert message should have been resolved now.

 


Reply
9/17/2014 4:58:21 PM

Quickly Reply

Please logon and reply, Not DriveHQ Member?


Leading Cloud Surveillance service

Leading Enterprise Cloud IT Service Since 2003