There is a new phishing attack that threatens Gmail users’ data safety.
(CCM) — Security specialists have found an threatening new phishing system that sends fake emails by locating and imitating past messages. Found by Mark Maunder, CEO of WordPress’ security module Wordfence, the phishing system depends on the hacker sending an email that seems to contain a PDF with a common file name. The attached PDF is a shrewdly masked image that, like loads of other phishing schemes, dispatches another tab that resembles Gmail’s login page when clicked. These details are, then, sent to the hacker, who continues the cycle of locating and using the new victim’s past messages to trick another round of Gmail clients.
Commenting on the attack, one analyst said: “The attackers log in to your account immediately once they get the credentials, and they use one of your actual attachments, along with one of your actual subject lines, and send it to people in your contact list.” Concerning as the threat is, there are ways that users may guard themselves. The most blatant giveaway of a hack attempt is a close-but-not-exact URL name, so users should be vigilant about on which pages they choose to enter their login credentials. (This scheme’s URL starts with ‘data: text/html,https://’.) Users can also enable two-factor authentication in their Gmail account settings.
Image: © charnsitr - iStock.