The site drive.google.com is the URL for Google Drive, Google’s cloud storage and file sharing platform. Google Drive offers a limited amount of cloud storage space for free which allows you to store media in Google Drive without it taking up your smartphone’s storage. If you have a Google Drive account, you can get access to it on any web browser by pointing to drive.google.com/drive/my-drive. There is also a Google Drive app preinstalled on Android.

Is drive.google.com Safe?

I analyzed drive.google.com for malware and malicious content to check if it was legit or a scam. Here are the results:

I checked drive.google.com on Sucuri, and it returned as a low security risk. Results: Sucuri scan for the site drive.google.com.

Drive.Google.com Sucuri results

Sucuri says the site drive.google.com wouldn’t allow a scan on the login URL listed below:

https://accounts.google.com/signin/usernamerecovery?continue=https://drive.google.com/&service=wise&osid=1&ifkv=AWnogHfTTu2opbdEg1bdBSY_R_TnPR4-oKBlr2dWCFglAvLXhDeZWBa7pVdgJSKNj7xRmW2PEKR7MA&hl=en

Security hardening flaws:

  • Missing security header for ClickJacking Protection. Affected pages:
    https://policies.google.com/privacy?gl=US&hl=en
    https://policies.google.com/terms?gl=US&hl=en
    https://www.google.com/drive/
  • Missing Strict-Transport-Security security header. Affected pages:
    https://accounts.google.com/signin/v2/’ _.C(_.Uv(h).replace(/;/g,
    https://policies.google.com/privacy?gl=US&hl=en
    https://policies.google.com/terms?gl=US&hl=en
    https://www.google.com/drive/
  • The ‘unsafe-eval’ keyword in Content-Security-Policy is not recommended. Affected pages:
    https://accounts.google.com/signin/v2/’ _.C(_.Uv(h).replace(/;/g,
    https://accounts.google.com/signup/v2/nojs?service=wise&continue=https://drive.google.com/

The site should also consider adding an SPF record to prevent email spam.

I then ran a parasite scan with Unmask Parasites on drive.google.com, and it is suspicious. Results: Unmask Parasites scan for the site drive.google.com.

Unmask Parasites cites 3 suspicious inline scripts found:

//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjogMywic291cmNlcyI6WyIiXSwic291cmNlc0NvbnRlb...

window.wiz_progress&&window.wiz_progress();window.wiz_tick&&window.wiz_tick('ZdRp7e');

(function(){/*
Copyright The Closure Library Authors.
SPDX-License-Identifier: Apache-2.0
*/
'use strict';var a=function(...

I also checked drive.google.com on VirusTotal, and it is clean. Results: VirusTotal scan for the site drive.google.com.

Drive.Google.com VirusTotal results

In conclusion, drive.google.com is a low security risk and doesn’t have malware according to Sucuri. Moreover, only one security vendor associated with Sucuri or VirusTotal has flagged the domain as malicious. The most likely scenario is that one security vendor has a false positive given that 87 other vendors didn’t flag the site as malicious. OVERALL GRADE: Relatively Safe.

Links and Profiles

Website: drive.google.com

References

1. SimilarWeb – drive.google.com

2. Wayback Machine – drive.google.com