Jan 2017 Gmail Phishing attacks ongoing

by / Friday, 13 January 2017 / Published in Security, Technology, Training
There has been a massive spike in Gmail ‘phishing’ attacks in the last few days, in which attackers try to steal your login details. If they succeed, they gain access to your inbox and all the information within it. They can also use your e-mail address to reset many passwords and gain access to other sites – be they your business website, PayPal, Facebook, Twitter, iTunes account or whatever.

 

The way the attack works is that you receive an e-mail with an image attachment. This may come from somebody you know if their account has been hacked. The e-mail includes an image which, if clicked to open/view, opens a new tab showing a ‘normal’ Gmail login page, as we all see every so often when Gmail intermittently checks for login details.

 

Except this time it isn’t a normal Gmail login page!

 

Look at the URL in the address bar of this fake login page:

 

[Image: address bar of the fake login page, showing a data URI]

This is not what you should see. At all.

 

Any time you log into Gmail you should see a green padlock symbol here, followed by https://accounts.google.com/…

 

The “data:text/html,” in front of this indicates that the tab is loading an entirely separate file. Everything else will look legitimate, and even experienced users have already been caught out by this attack. If you use Safari as a browser, I would highly recommend making sure that your address bar is set to be visible, so that you can see security indicators, good or bad, and avoid attacks like this.
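The check described above can also be written down as code. This is an added example, not part of the original post: it classifies the text from the address bar the way a careful reader would. The function name `checkLoginUrl` and the sample URLs are constructed for illustration; only the expected host comes from the article.

```javascript
// Expected sign-in host, taken from the article. Everything else here is constructed.
const EXPECTED_HOST = "accounts.google.com";

function checkLoginUrl(addressBarText) {
  let url;
  try {
    // The WHATWG URL parser trims surrounding whitespace and lower-cases scheme and host.
    url = new URL(addressBarText);
  } catch (err) {
    return { ok: false, reason: "not an absolute URL" };
  }
  if (url.protocol === "data:") {
    // The page is embedded in the link itself. Any "https://..." text after the
    // comma is part of that embedded content, not the location of the page.
    return { ok: false, reason: "data: URI, page is embedded in the link" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not https" };
  }
  if (url.username || url.password) {
    // "https://accounts.google.com@other.example/" connects to other.example.
    return { ok: false, reason: "credentials in URL hide the real host" };
  }
  if (url.hostname !== EXPECTED_HOST) {
    return { ok: false, reason: "host is " + url.hostname };
  }
  return { ok: true, reason: "https on " + EXPECTED_HOST };
}

// Constructed sample address-bar strings.
const samples = [
  "https://accounts.google.com/signin",
  "data:text/html,https://accounts.google.com/signin",
  "https://accounts.google.com.login.example/signin",
  "https://accounts.google.com@login.example/signin",
  "http://accounts.google.com/signin",
];
for (const s of samples) {
  const r = checkLoginUrl(s);
  console.log((r.ok ? "OK    " : "FAIL  ") + s + "  (" + r.reason + ")");
}
```

Only the first sample passes; the data: URI fails even though the genuine address appears inside it.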

 

Always remember that opening any links or attachments within an e-mail can be a risk. Rarely, but occasionally, a malicious one is sent from the account of somebody you know; in unsolicited e-mails, dodgy links are far more often present.

 

Think before you click! Don’t put your computer/accounts/business at risk by lack of thought.

 

Addendum: If you want to check the last logins to your Gmail account, look in the bottom right-hand side of your Gmail inbox page. There is a line about last account activity; if you click the word ‘Details’ it will show you the last 10 logins and any active sessions. You can log out of other sessions remotely from here. If you wish to visit the Gmail Security Centre for more information, it is here – https://myaccount.google.com/security
