Many Gmail users have reported falling victim to a new phishing scam that makes use of a dubious attachment to steal their Google credentials.
Phishing attacks are unarguably one of the worst forms of cyber scams. While they generally victimize less tech-savvy users, some phishing scams are so cleverly executed that even the more knowledgeable users fall prey. Such is the case with the latest Gmail phishing scam.
At a casual glance it looks convincing enough to fool even careful users.
However, just like any other phishing scam, the new Gmail threat is not hard to spot in time if you pay attention to a few key details. Here’s how it works and how to defend against it:
Gmail phishing scam: Here’s how it works
Apparently, the phishing scam has been going on for a while now. Wordfence first warned Gmail users about it earlier this January. Since February, Google has made several moves to address the threat. The company even tweaked its Chrome browser to alert users in case they were targeted by the phishing attackers.
The scam involves the attacker deploying the same old technique of posing as someone known to the user. The attacker sends an email with what appears to be an innocent attachment (for example, a Word or PDF document). However, when the unsuspecting user clicks on the attachment to preview it, they are redirected to a sign-in page that asks them to re-enter their account credentials.
How do you know if you have come under this Gmail phishing attack?
As explained by the folks over at Lifehacker, the attachments in the dubious mails are actually embedded images designed to send users to a fake Google sign-in page. So, if you enter your account credentials on this page, the data goes straight to the attacker instead of to Google’s servers.
However, all it takes to detect this scam is a look at the URL of the fake sign-in page. Instead of a standard address beginning with “https://”, the address bar shows a data URL that begins with “data:text/html”.
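The address-bar check described above, written out as a small classifier (an added example, not code from the original article or from Lifehacker). It assumes that a genuine Google sign-in page is only ever an https:// page on accounts.google.com, and the sample addresses are constructed for illustration, not taken from a real campaign.

```python
from urllib.parse import urlsplit

# Assumption for this example: a genuine Google sign-in page is only ever an
# https:// page served from this one host.
TRUSTED_SIGNIN_HOST = "accounts.google.com"


def classify_address(address_bar: str) -> str:
    """Classify the text shown in the browser address bar on a sign-in page.

    "legit"      https:// page on the trusted sign-in host
    "data-url"   a data: URL; the page is embedded in the address itself,
                 which is the tell-tale sign of the scam described above
    "suspicious" anything else (plain http, a look-alike host, javascript:, ...)
    """
    # The scheme must be the very first thing in the address, so ignore any
    # leading padding that could push it out of view before checking it.
    parts = urlsplit(address_bar.strip())
    scheme = parts.scheme.lower()
    if scheme == "data":
        return "data-url"
    if scheme == "https" and parts.hostname == TRUSTED_SIGNIN_HOST:
        return "legit"
    return "suspicious"


def naive_check(address_bar: str) -> bool:
    """The check a hurried user makes: 'does it mention accounts.google.com?'
    Included only to show why that is not enough: a data: URL can carry the
    real hostname anywhere in its body."""
    return TRUSTED_SIGNIN_HOST in address_bar


# Constructed sample addresses for demonstration (not from a real campaign).
SAMPLES = {
    "real": "https://accounts.google.com/ServiceLogin?service=mail",
    "data": "data:text/html,https://accounts.google.com/ServiceLogin <html>fake form</html>",
    "lookalike": "https://accounts.google.com.example.net/ServiceLogin",
    "plain": "http://accounts.google.com/ServiceLogin",
}

if __name__ == "__main__":
    for name, url in SAMPLES.items():
        print(f"{name:10} naive={naive_check(url)!s:5} verdict={classify_address(url)}")
```

Only the first sample is accepted; the data: URL mentions the real hostname and still passes the naive substring check, which is exactly why the scheme at the start of the address is what matters.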
That’s all there is to it. If you ever come across an attachment that makes you re-enter your email address and password, check the address bar of your browser for a suspicious URL first.