Read the Beforeitsnews.com story here. Advertise at Before It's News here.
Profile image
By TeaPartyTribune.com
Contributor profile | More stories
Story Views
Now:
Last hour:
Last 24 hours:
Total:

An insidious new Gmail phishing attack is tricking even the most careful of users

Tuesday, January 17, 2017 16:10
% of readers think this story is Fact. Add your two cents.


A new phishing technique is fooling internet users into giving hackers access to their Gmail accounts. According to WordPress security plugin creator Wordfence, the way that the attack works is that hackers send emails to the contacts of compromised accounts containing a seemingly innocuous attachment. When the user clicks the attachment, a new tab opens in the browser that looks nearly identical to the Google sign-in page. If the user inputs their log-in information, it goes straight to the attacker.

On Hacker News, a commenter describes an incident that occurred at his school last year in which several employees and students were tricked into handing over their account information to attackers after receiving compromised emails and opening the attachments, thus perpetuating the cycle:

“It’s the most sophisticated attack I’ve seen. The attackers log in to your account immediately once they get the credentials, and they use one of your actual attachments, along with one of your actual subject lines, and send it to people in your contact list.

For example, they went into one student’s account, pulled an attachment with an athletic team practice schedule, generated the screenshot, and then paired that with a subject line that was tangentially related, and emailed it to the other members of the athletic team.”

While the idea of having your Gmail account serve as a host for the chain of hacks to continue is frightening enough, the hackers will also have the ability to download and read through all of your private emails, as well as gain access to other information connected to your Google account (or whichever service is hacked).

Here’s what you need to look out for in your address bar to avoid this attack:

As you can see, not only is the beginning of the string odd, but there is a script hidden behind a long wall of whitespace. You won’t be able to see the script in your address bar without tapping on it and scrolling to the right, but there are several other signs to watch out for that are even more obvious.

For example, here’s what my address bar looks like when I navigate to Gmail in Chrome:

See the green text and the “Secure” label in front of the address? That indicates that I’ve reached a safe, secure website, as opposed to the black text up above. Not every site is going to be certifiably secure like that, but if you are visiting a Google log-in page specifically and don’t see it, alarms should go off in your head. Google might fix this eventually, but for now, just pay attention and look for green text.

Furthermore, if you don’t have two-factor authentication on your Google account (or any other account which contains sensitive information), treat this as a wake up call and set it up immediately.

Sponsored Content

Sponsored Content

View Comments

Source: Jacob Siegal @bgr.com

The post An insidious new Gmail phishing attack is tricking even the most careful of users appeared first on Tea Party Tribune.


Source: http://www.teapartytribune.com/2017/01/17/insidious-new-gmail-phishing-attack-tricking-even-careful-users/


Before It’s News® is a community of individuals who report on what’s going on around them, from all around the world.

Anyone can join.
Anyone can contribute.
Anyone can become informed about their world.

"United We Stand" Click Here To Create Your Personal Citizen Journalist Account Today, Be Sure To Invite Your Friends.

Please Help Support BeforeitsNews by trying our Natural Health Products below!


Order by Phone at 888-809-8385 or online at https://mitocopper.com M - F 9am to 5pm EST

Order by Phone at 866-388-7003 or online at https://www.herbanomic.com M - F 9am to 5pm EST

Order by Phone at 866-388-7003 or online at https://www.herbanomics.com M - F 9am to 5pm EST


Humic & Fulvic Trace Minerals Complex - Nature's most important supplement! Vivid Dreams again!

HNEX HydroNano EXtracellular Water - Improve immune system health and reduce inflammation.

Ultimate Clinical Potency Curcumin - Natural pain relief, reduce inflammation and so much more.

MitoCopper - Bioavailable Copper destroys pathogens and gives you more energy. (See Blood Video)

Oxy Powder - Natural Colon Cleanser!  Cleans out toxic buildup with oxygen!

Nascent Iodine - Promotes detoxification, mental focus and thyroid health.

Smart Meter Cover -  Reduces Smart Meter radiation by 96%! (See Video).

Report abuse

    Comments

    Your Comments
    Question Razz Sad Evil Exclaim Smile Redface Biggrin Surprised Eek Confused Cool LOL Mad Twisted Rolleyes Wink Idea Arrow Neutral Cry Mr. Green

    Total 1 comment
    • PaTaNiKi

      GOT ONE JUST LAST NIGHT-NO JOKE-NOTIFIED SOMEONE HAD MY EMAIL AND PASSWORD AND TRIED LOGIN IN FRANCE-SAME SCREEN POPS UP BUT IT WANTED ME TO CHANGE PASSWORD JUST LOGGED OUT-NEXT TIME WILL CHECK ADRESS BOX-MINE WAS EVIDENT IT DID NOT HAVE OLD PASSWORD AND WANTED IT-
      BEST OF LUCK-THESE ARE INDEED STRANGE TIMES

      Like Dislike Report SPAM 0 Reply
    MOST RECENT
    Load more ...

    SignUp

    Login

    Newsletter

    Email this story
    Email this story

    If you really want to ban this commenter, please write down the reason:

    If you really want to disable all recommended stories, click on OK button. After that, you will be redirect to your options page.