Do you have a Gmail account? Look out for a new phishing attack that is stealing account passwords.
How do Gmail phishing attacks work?
- You will receive a believable-looking email from a contact whose account has already been compromised.
- The email will include what looks like an image attachment, but the image carries a malicious script. The attacker will make it look legitimate by taking a screenshot of an attachment the contact has previously sent.
- When you click on the attachment, a browser tab will pop up with a fake Google account page. The page will look just like the real thing: it uses the Google logo, slogan, and login fields.
- The page will ask you to sign into Gmail again. Once you do, the page sends your login information to the attackers, and they will now have access to your Google account.
- The attackers will then send the same phishing emails to your contacts.
Google released a statement in response to the phishing attack:
“We’re aware of this issue and continue to strengthen our defenses against it. We help protect users from phishing attacks in a variety of ways, including machine learning-based detection of phishing messages, Safe Browsing warnings that notify users of dangerous links in emails and browsers, preventing suspicious account sign-ins, and more. Users can also activate two-step verification for additional account protection.”
How can you protect yourself from Gmail phishing attacks?
- If you suspect a hacker compromised your Gmail account, change your password immediately.
- Enable two-factor authentication on your Google account. The setting will require you to enter a code sent to your phone after you enter your username and password. When this setting is in place, it will be harder for an attacker to sign into your account, even if they have your password.
- If you click on an email attachment and the site asks you to log in again, do not do it. You should not get this request while logged into your Gmail account.
- Pay close attention to your web browser’s address bar when signing into Gmail. It should read https://accounts.google.com, with no other text in front of the web address, such as “data:text/html”.
- Do not enter your password unless you see a green lock icon next to the address bar.
- If you receive any phishing emails in your Gmail account, report them to Google. Here is how: https://support.google.com/mail/answer/8253?hl=en
- Check your login activity in Gmail to see if anyone else is logging into your account. Remove sessions that do not come from any of your devices. Here is how: https://support.google.com/mail/answer/45938?hl=en
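The address-bar check above (a genuine sign-in page is served over https from accounts.google.com, while the phishing page described earlier shows up as a data:text/html address) can be written down as a small classifier. The following is an added example, not code from the original article or from Google; the verdict names, the classifyLoginUrl and classifyAll functions, and the sample address-bar strings are all constructed for illustration.

```javascript
// Added example (not from the original article): classify what the browser's
// address bar shows before a Google sign-in form is filled in.
// Verdicts: "ok", "data-uri", "not-https", "wrong-host", "unparseable".
const GOOGLE_LOGIN_HOST = "accounts.google.com";

function classifyLoginUrl(addressBar) {
  const s = String(addressBar).trim();
  // The phishing page is served from a data: URI, so the address bar starts
  // with "data:text/html" even if "accounts.google.com" appears later in the
  // padded text. Check the prefix first, before any URL parsing.
  if (/^data:/i.test(s)) return "data-uri";
  let url;
  try {
    url = new URL(s); // WHATWG URL parser, built into Node.js and browsers
  } catch (e) {
    return "unparseable";
  }
  if (url.protocol !== "https:") return "not-https"; // no lock icon
  // Exact host match: a lookalike such as accounts.google.com.example.net
  // has a different hostname and must not pass.
  if (url.hostname.toLowerCase() !== GOOGLE_LOGIN_HOST) return "wrong-host";
  return "ok";
}

// Constructed sample address-bar contents (not real addresses from the article).
const SAMPLES = [
  "https://accounts.google.com/ServiceLogin",
  "data:text/html,https://accounts.google.com/ServiceLogin",
  "http://accounts.google.com/ServiceLogin",
  "https://accounts.google.com.example.net/ServiceLogin",
  "not a url",
];

// Run the classifier over a list of address-bar strings and return the verdicts.
function classifyAll(samples = SAMPLES) {
  return samples.map((s) => ({ address: s, verdict: classifyLoginUrl(s) }));
}

for (const r of classifyAll()) {
  console.log(`${r.verdict.padEnd(12)} ${r.address}`);
}
```

Only the first sample comes back "ok"; the data: address is rejected before the parser ever sees the "accounts.google.com" text inside it, and the plain-http and lookalike-host samples are rejected for the reasons the checklist gives (no lock icon, wrong site).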