The Latest Gmail Phishing Scam Is Frighteningly Easy To Fall For

The phishing email comes with an "attachment" that is actually a screenshot of an attachment sent by that account in the past, like a spreadsheet or a PDF, for example. The exploit presents users with what looks like a regular login page but, rather than being hosted by Google, is in fact running on a different server waiting to steal account details.

The convincing scam sees cyber criminals attempt to fool users into clicking on fake links, which are then used to help steal private information such as online passwords and banking details. When the recipient clicks on the image, a new tab opens with a prompt asking the user to sign into Gmail again. The text still includes "https://accounts.google.com", a URL that seems legitimate. "Once you complete sign-in, your account has been compromised", he said.

Once the target's login has been captured, a process starts in which malware grabs names from the contact list and emails the same message to them - and the attacker has access to all of the recipients' mail.

This particular attack involves an email that may look like it's from one of your contacts, likely because they have been hacked.

Maunder explains that the key lies in the web address that users see. Nearly everything on the hijack page is picture-perfect, except its URL, which starts with "data:text/html", which should be a red flag to eagle-eyed users.

These carefully planned attacks can be easily overcome if you enable two-factor authentication in Gmail. Using email addresses from a person's contacts can make emails look even more legitimate, thus helping compromise a larger number of accounts. You can report suspicious messages directly to us. However, once the user logs in, several codes show up in the user's browser address bar.

It's the Gmail sign-in page, right?

Instead of "https" you have "data:text/html," followed by the usual "https://accounts.google.com....". "Once they have access to your account, the attacker also has full access to all your emails including sent and received at this point and may download the whole lot".
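The tell described above (a real sign-in page has the scheme "https" and the host accounts.google.com, while the phishing page's address starts with "data:text/html" and only mentions accounts.google.com as decoy text further along) can be turned into a mechanical check. The following is an added example, not code from the article, from Wordfence or from Google; the function name `classify_address`, the verdict labels and the sample addresses are all constructed for illustration.

```python
import re
from typing import List, Tuple
from urllib.parse import urlsplit

# The only host a genuine Google sign-in page is served from (per the article).
LEGIT_HOST = "accounts.google.com"


def classify_address(address: str) -> Tuple[str, List[str]]:
    """Classify what a browser address bar shows when a sign-in page appears.

    Returns (verdict, reasons) where verdict is one of:
      "legit"          - https and the host really is accounts.google.com
      "data-uri-phish" - the page is an inline data: URI, the trick the article describes
      "suspicious"     - anything else that is not the genuine sign-in page
    """
    reasons: List[str] = []
    text = address.strip()
    parts = urlsplit(text)
    scheme = parts.scheme.lower()

    if scheme == "data":
        # A data: URI is rendered from the address itself; no server hosts it,
        # so nothing after the scheme says anything about where the page came from.
        reasons.append("scheme is data:, so the page is inline and not served by any host")
        if LEGIT_HOST in text.lower():
            reasons.append(f"'{LEGIT_HOST}' appears only as decoy text after the scheme")
        if re.search(r"\s{2,}", address):
            # Runs of whitespace push the real page content out of the visible
            # part of the address bar, leaving only the decoy URL in view.
            reasons.append("runs of whitespace hide the real content of the address")
        return "data-uri-phish", reasons

    if scheme != "https":
        reasons.append(f"scheme is '{scheme or 'none'}', not https")
        return "suspicious", reasons

    # urlsplit().hostname is already lower-cased and has the port stripped.
    host = parts.hostname or ""
    if host == LEGIT_HOST:
        return "legit", reasons
    reasons.append(f"TLS host is '{host}', not {LEGIT_HOST}")
    return "suspicious", reasons


# Constructed sample addresses (not taken from a real phishing message).
SAMPLES = {
    "genuine": "https://accounts.google.com/ServiceLogin?service=mail",
    "data-uri decoy": (
        "data:text/html,https://accounts.google.com/ServiceLogin?service=mail"
        + " " * 200  # padding so the decoy fills the visible address bar
        + "<html><!-- constructed stand-in for the attacker's inline page --></html>"
    ),
    "plain http": "http://accounts.google.com/",
    "lookalike host": "https://accounts.google.com.example.net/",
}

if __name__ == "__main__":
    for label, addr in SAMPLES.items():
        verdict, why = classify_address(addr)
        print(f"{label:15} -> {verdict}")
        for r in why:
            print(f"{'':15}    {r}")
```

The check deliberately keys on the scheme first: the string "https://accounts.google.com" inside a data: URI is just page content, so any test that merely searches the address for that substring would pass the phishing page. Browsers that hide the scheme in the address bar make this harder for a human; the function expects the full address as copied from the bar.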

"We're aware of this issue and continue to strengthen our defenses against it", Google said in the statement.

The internet security firm Wordfence has sent out alerts warning Gmail users of what they call a "highly effective phishing attack". Narang also recommends setting up two-step verification for your Gmail account (find out how to do so here).

If you already suspect you may be a victim of this scam or if you are not sure, the first thing you should do is change your Gmail password.
