Gmail Phishing Scam
To protect against this attack, you will have to pay close attention to the address bar of your browser. A new Gmail Phishing Scam attack is prowling and is capable of deceiving users technically savvy, security conscious.
The trick is to steal user names and passwords for Gmail and other services. And “is being used right now with a high success rate.” According to Mark Maunder, CEO of Wordfence, like other phishing attacks, it begins with an email. Instead of a random person, the email may appear to have been sent by someone you know and may include an image of an attachment that it recognizes from the sender.
If you click on the image, you expect Gmail to preview the attachment, then a new tab will open and Gmail will log in again to access the address bar and view accounts.google.com.
Once logged in, attackers have full access to your account. Google did not immediately respond to PC Mag’s request for comment. But told Maunder that it is aware of the problem and is working to improve its defenses against it.
Once the attacker logs in to your account, he immediately connects and finds one of your actual attachments, plus one of your current subject lines. And sends it to the people in your contact list to promote the scam and commit more Accounts. Maunder said the attackers have automated the scheme, or that they have “a team prepared to process accounts when they are compromised.”
Tips to protect yourself from phishing attempts
- Be careful with emails that demand personal information from you. Remember that legitimate services do not usually send such requests via e-mail.
- Do not be fooled into providing sensitive data, including financial details. Keep in mind that attackers can also use scare tactics to lure you into revealing personally identifiable information.
- Beware of generic requests for information. A legitimate email from a legitimate organization, such as a bank would know the name of the person. Fraudulent emails often start with “Dear Sir / Madam”.
- Do not send confidential information through forms within emails.
- Do not interact with links or attachments in an email unless you are absolutely sure that the email comes from a trusted source.
- Make sure your anti-malware protection has a feature against phishing.