A new phishing attack is targeting Gmail users tricking them into revealing their login details. The scam which was discovered by security researchers at WordFence a popular developer of security tools is said to fool even tech savvy users.
How does it work?
An attacker will send an email to your Gmail account which may come from someone you know who has had their account hacked using this technique. The email includes something that appears to be an image of an attachment, and when you click on it hoping to see a preview, you are instead shown a new tab that prompts you to sign into your Gmail ID again.
The website address bar has ‘data:text/html,’ text preceding the normal Gmail service login. Once you sign in, the attackers have full access to your account following which they immediately log in and find one of your actual attachments, plus one of your actual subject lines, and send it to people on your contact list to take the scam further.
A Google spokesperson provided the following comment regarding the attack:
“We’re aware of this issue and continue to strengthen our defenses against it. We help protect users from phishing attacks in a variety of ways, including: machine learning based detection of phishing messages, Safe Browsing warnings that notify users of dangerous links in emails and browsers, preventing suspicious account sign-ins, and more. Users can also activate two-step verification for additional account protection.
To make sure that you do not fall victim to this phishing scam, read your website address bar carefully before signing into your account. The address bar needs to have HTTPS:// in the beginning of every sign-in page.