Do you have a Gmail account? Look out for a new phishing attack that's stealing account passwords.
How it’s done:
1. You will receive a believable-looking email from a contact whose account was hacked.
2. The email will include an image attachment embedded with a malicious script. The attacker will make the image look legitimate by screen-capping an attachment previously used by the contact.
3. When the attachment is clicked on, a browser tab will pop up with a fake Google account page. The page will look just like the real thing by using the Google logo, slogan, and login fields.
4. You will be asked to sign in to Gmail again. Once you do, the login information is sent to the attackers, who will then have access to your Google account.
5. The attackers will then send the same phishing emails to your contacts.
Google released a statement in response to the phishing attack:
“We’re aware of this issue and continue to strengthen our defenses against it. We help protect users from phishing attacks in a variety of ways, including: machine learning based detection of phishing messages, Safe Browsing warnings that notify users of dangerous links in emails and browsers, preventing suspicious account sign-ins, and more. Users can also activate two-step verification for additional account protection.”
What can you do?
• If you suspect your Gmail account was hacked, change your password immediately.
• Enable two-factor authentication on your Google account. The setting will require you to enter a code sent to your phone after you enter your username and password. When this setting is in place, it will be harder for an attacker to sign into your account, even if they have your password.
• If you click on an email attachment and you are asked to log in again, don't do it. You should not get this request when you are already logged into your Gmail account.
• Pay close attention to your web browser's address bar when signing into Gmail. It should read https://accounts.google.com and not contain any unexpected text before the web address, such as "data:text/html".
• Do not enter passwords without seeing a green lock before the address bar.
• If you receive any phishing emails in your Gmail account, report them to Google. Here's how: https://support.google.com/mail/answer/8253?hl=en
• Check your login activity in Gmail to see if anyone else is logging into your account. Remove sessions that do not come from any of your devices. Here's how: https://support.google.com/mail/answer/45938?hl=en
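The address-bar check from the list above can also be done in code. The following JavaScript is an added example, not part of the original article. It shows why looking for "accounts.google.com" somewhere in the address is not enough, and what an exact check of scheme and host looks like. The function names and sample addresses are constructed for illustration.

```javascript
// Added example: classify the text shown in the address bar of a sign-in page.
// TRUSTED_ORIGIN comes from the article; the sample strings are constructed.
const TRUSTED_ORIGIN = "https://accounts.google.com";

// Weak check: looks for the trusted address anywhere in the string.
function naiveLooksLikeGoogle(addressBarText) {
  return addressBarText.includes("accounts.google.com");
}

// Stricter check: parse the address and compare scheme and host exactly.
function checkSignInAddress(addressBarText) {
  let url;
  try {
    url = new URL(addressBarText.trim());
  } catch (err) {
    return { ok: false, reason: "not a parseable address" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: `scheme is ${url.protocol} not https:` };
  }
  if (url.username !== "" || url.password !== "") {
    return { ok: false, reason: "text before @ is a username, not the site" };
  }
  if (url.origin !== TRUSTED_ORIGIN) {
    return { ok: false, reason: `host is ${url.hostname}` };
  }
  return { ok: true, reason: "https://accounts.google.com" };
}

// Constructed samples (not taken from a real campaign).
const SAMPLES = [
  "https://accounts.google.com/ServiceLogin?service=mail",
  "data:text/html,https://accounts.google.com/ServiceLogin?service=mail",
  "https://accounts.google.com.login.example/ServiceLogin",
  "https://accounts.google.com@login.example/ServiceLogin",
  "http://accounts.google.com/ServiceLogin",
];

function report(samples) {
  return samples.map((s) => ({
    address: s,
    naive: naiveLooksLikeGoogle(s),
    strict: checkSignInAddress(s),
  }));
}

for (const row of report(SAMPLES)) {
  console.log(row.naive, row.strict.ok, row.strict.reason, row.address);
}
```

Every sample passes the weak check, but only the first passes the strict one.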
For more information about our IT company, contact SwiftTech Solutions by calling 877-794-3811 or emailing [email protected]