If you use Gmail, you should be aware of a new phishing scam that’s fooling even some of the most tech-savvy users.
The scam was detected by Wordfence, which outlined just how it works in a blog post on its website.
According to security expert Mark Maunder, CEO of Wordfence, the company behind a WordPress security plugin of the same name, the hacker first sends you an email containing image attachments that look like PDF files. When you click on one of these attachments, a new tab opens and prompts you to log into your Gmail account again.
However, it’s a fake. If you enter your email and password, you’re giving your login credentials to hackers who then have complete access to your emails.
According to Wordfence:
“The hackers use a phishing method known as URI or data uniform resource identifier. The URI method is used to attach a data file in the location bar in front of ‘https://accounts.google.com.’ The data file ‘data:text/html’ is attached in front of the host name, which opens up the fake login page.”
- Fake login page: data:text/html,https://accounts.google.com/ServiceLogin?
- Gmail login page: https://accounts.google.com/ServiceLogin?
“The attackers log in to your account immediately once they get the credentials, and they use one of your actual attachments, along with one of your actual subject lines, and send it to people in your contact list. For example, they went into one student’s account, pulled an attachment with an athletic team practice schedule, generated the screenshot, and then paired that with a subject line that was tangentially related, and emailed it to the other members of the athletic team.”
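To show why the fake address fools people, here is an added example (not Wordfence's code) that parses both location-bar strings from the article the way a browser does: the fake one has the scheme `data` and no host at all, so the trusted-looking `https://accounts.google.com` is just text inside the attacker's page body. The trusted host name and the extra lookalike URL in the check are assumptions for the example.

```python
from urllib.parse import urlsplit

# Constructed samples: the two location-bar strings quoted in the article.
FAKE_URL = "data:text/html,https://accounts.google.com/ServiceLogin?"
REAL_URL = "https://accounts.google.com/ServiceLogin?"

# Assumed: the only host that should ever serve a Google sign-in page.
TRUSTED_LOGIN_HOST = "accounts.google.com"


def classify_login_url(url: str) -> dict:
    """Report what the browser will actually load for a location-bar string.

    Returns the scheme and host as the browser sees them plus a verdict.
    A data: URI has no host: everything after the comma is the document body,
    so a trusted host name appearing there is attacker-supplied text, not a server.
    """
    parts = urlsplit(url.strip())
    scheme = parts.scheme.lower()
    host = parts.hostname  # None for data: URIs, since they have no authority part

    if scheme == "data":
        # The lure: the payload itself mentions the trusted host name.
        lure = TRUSTED_LOGIN_HOST in parts.path
        reason = "data: URI renders attacker-supplied HTML"
        if lure:
            reason += f" that merely mentions {TRUSTED_LOGIN_HOST}"
        return {"scheme": scheme, "host": host, "safe": False, "reason": reason}

    if scheme == "https" and host == TRUSTED_LOGIN_HOST:
        return {"scheme": scheme, "host": host, "safe": True,
                "reason": "HTTPS connection to the expected login host"}

    # Anything else (http://, a lookalike domain, a subdomain trick) is rejected.
    return {"scheme": scheme, "host": host, "safe": False,
            "reason": "unexpected scheme or host for a Google login page"}


if __name__ == "__main__":
    for sample in (FAKE_URL, REAL_URL):
        print(sample, "->", classify_login_url(sample))
```

The same check rejects lookalike domains such as a constructed `accounts.google.com.example.invalid`, because the host must match exactly rather than merely start with the trusted name.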
What to do if you think you’ve been attacked …
As more and more of our lives move online, as photos, social memories and even our love lives go digital, sadly the risk of falling victim to a cyber-attack keeps growing.
THINK you have been hit by an online scam? Do not panic – here are some quick top tips to make sure you stay safe.
First of all, stay calm and do not panic.
- If you think you may have already fallen victim to the scam, change your Gmail password immediately. Then go to your account activity page and end any current sessions that you don’t recognize.
- Immediately enable 2-step verification for your Gmail account, as acting quickly may also help minimise the damage. If possible, use a different PC or device to do so, as the hackers may have installed programs that track your activity and even record the specific keys you press while creating your new credentials.
- Report it immediately to your antivirus provider; you may be able to alert them to what the attack is and learn how best to deal with it. Antivirus companies can also provide more in-depth information on how to respond to an attack straight away, and whether you should take any device-specific actions.
- Once your PC has been attacked, there is often a very real risk that some of your personal or private files have been infected or even stolen outright. Whether you use a PC or a Mac, your computer can create backups of its setup and of all your files and settings. These can be exported to an external hard drive or kept on the device, so that when you are able to use your PC again after the attack, you can restore it to the way it was before.
- Keep your antivirus software up to date at all times.
It’s important to keep your smartphones and tablets protected as well, as criminals are also able to attack these devices with devastating effects.
What makes the scam worse is that the email appears to come from people in your contact list, whom you usually trust. Once the hackers are inside your account, they go on to collect personal information for secondary attacks, meaning attacks on other websites where you use your Gmail account to log in. Wordfence also said in its blog post that so far the technique has only been seen targeting Gmail, but it could be used against many other websites.